AVG 2011 Update Causes Widespread Problems For 64-Bit Windows

phx_zs writes "Last night's mandatory update of AVG 2011 Free edition has caused most 64-bit Windows 7 PCs to fail while loading Windows. On their website they have an FAQ with instructions on how to repair the problem using a boot CD or USB device."

Ask a friend

[Midnight+Thunder]

The irony is that you need to find another computer to read up on how to fix the issue.

Re:Ask a friend

[Brucelet]

That's true of anything that causes your computer to fail to boot.

Re:Ask a friend

[Kjella]

Or fail to connect to the network, which makes those two the biggest no-nos when it comes to breaking a computer.

Re:Ask a friend

[mcgrew]

On their website they have an FAQ with instructions on how to repair the problem using a boot CD or USB device."

Yeah, that's real handy when your computer won't boot. AVG should snail-mail these instruictions to their paying customers. Not sure how users of free-AVG should be treated, though.

I guess they could just boot to their Linux partition.

Re:Ask a friend

What's a decent free one to use?

AV did that stupid fake warning so I stopped using them and switched to Comodo. I'm not sure how good Comodo is. Stupid windows. If I had my choice of what OS to use on my work laptop, I'd be running Ubuntu.

Re:Ask a friend

[commodore64_love]

How about NOT having forced updates?

Jackasses. I hate when MS or Apple does it to my machine - I certainly don't want some other company does it either. Which reminds me: Why is there a Microsoft Addon sitting in my Firefox & SeaMonkey browsers? I don't remember putting that there, and it doesn't uninstall.

"Litigious motherfuckers." - Penn Gilette

Re:Ask a friend

[Fulg]

What's a decent free one to use?

If you have to run Windows, the Microsoft Security Essentials package is excellent. I haven't had the urge to uninstall it yet (unlike Avast and AVG), and it doesn't noticeably slow your system. It's free if you have a valid Windows license...

Re:Ask a friend

[kryliss]

Not a problem for most of the slashdot crowd.. Either their not running windows or they have n+2 computers in the house to look up how to fix the broken computer. :)

Re:Ask a friend

[jimthehorsegod]

You have no choice over the OS you use on your work laptop, but have free reign over which free not-for-commercial-use AV you use? How odd...

Re:Ask a friend

[coolmadsi]

I'm sure lots of people will have a smart phone, laptop or other secondary device, not just the slashdot crowd.

Re:Ask a friend

[grahammm]

The irony is that you need to find another computer to read up on how to fix the issue.

Or boot from a live CD/DVD such as systemrescuecd.

Re:Ask a friend

Both MS and Apple ask you before installing OS updates. You have the option of canceling the installation procedure.

Re:Ask a friend

[bami]

Microsoft Security Essentials regularly freaks out on my x32 XP box. It just crashes, causing 25% CPU usage (which is one hardware thread on an Atom 330).
The mouse still responds, some programs respond but explorer usually locks up, along with everything becoming horribly slow.
Killing the process fixes it, and MSE pops back in a couple of minutes, and then works normally for the rest of day.

Without that flaw, you could say it's just perfect. Doesn't take a lot of resources (even on an atom), is free with a valid Windows license, and keeps your system pretty much clean.

Tell your friends :)

Re:Ask a friend

[bhcompy]

MSE is nice, but I hate the completely random auto-update schedule it has for definitions and the fact that it completely nukes the system when it does do its auto-update

Re:Ask a friend

[DigiShaman]

In all my years (15+) of using and administrating Anti-Virus software, not a single damn one of them can be reliable. They each have their own "personality" and hissyfits from time to time. I've seen Norton, McAfee (the worst), Trend Micro, Avast, AVG, Nod32, Kaspersky, and -yes- Even Microsoft Security Essentials cause problems with either the OS or 3rd party applications.

I recommend dealing with a major anti-virus vendor and dealing with the punches that get thrown your way. With all the new viruses and system permutations out there, I'm not shocked to here about these events as the happen.

Re:Ask a friend

[RobertM1968]

What's a decent free one to use?

If you have to run Windows, the Microsoft Security Essentials package is excellent. I haven't had the urge to uninstall it yet (unlike Avast and AVG), and it doesn't noticeably slow your system. It's free if you have a valid Windows license...

I too have found MSE to be excellent, except for catching the latest pieces of malware, having the ability to ensure a thorough scan is performed, social networking integration, good cross-browser integration and other "minor" stuff like that.

After failing (in the past and recently) to find highly publicized malware that I knew was on a machine (for instance, in the not so recently arena: Antivirus XP anyone? or Whistler? (three months late to that party)) or failing to remove all of the infection, I tried other packages. All but one other found the infected files.

But other than that... it's great! Perhaps it's good for a machine that isn't regularly exposed to the newest and latest pieces of malware... but a number of our customers do not fit that category (nor has MSE proven to be a valid option for them... as we've had to disinfect quite a few machines with other software, deinstall MSE, and install something else).

Re:Ask a friend

[sexconker]

Or fail to connect to the network, which makes those two the biggest no-nos when it comes to breaking a computer.

No.
The biggest no-nos are fire and data destruction (logical or physical).

Re:Ask a friend

[mackil]

It also uses far fewer processes and system resources than AVG, which is important for my older system. I'm not sure if that means it isn't as capable as AVG, but I have yet to experience a problem with it on my Windows box.

Re:Ask a friend

[icebike]

If you have to run Windows, the Microsoft Security Essentials package is excellent. I haven't had the urge to uninstall it yet (unlike Avast and AVG), and it doesn't noticeably slow your system.

The major slow down most of these dumb scanners cause is because the scan on each read access. Some (like AVIRA) can be set to scan only on write. In a controlled environment this often yields the best performance.

When combined with a total system scan and a scan on any inserted media you can be reasonably safe with only scan on write. The problem is one of discipline, and remembering to always scan inserted media.

Of course it also requires that ALL accessible storage have some scanning software, because when you forgo scan on read, any network drive poses a security risk.

The argument for scan on read vs scan on write has been going on for years. Currently I fall into the latter camp, because I control every computer to which I can map drives, but in a corporate world this may not be the case.

So be careful with any option that does NOT impose some overhead. It may not be as secure as you believe.

Re:Ask a friend

[windcask]

I run Avast and MSSE. Security Essentials does have a pretty small footprint, though it gives me the impression that it's pretty impotent. Avast is good and has kept me from small-time JavaScript exploits on more than one occasion, which MSSE did not detect. However, installing it on my 4 year-old laptop pretty much brought it to its knees.

It's important to note that Anti-Virus is 90% theater. If you do reckless things with your computer, you will get owned sooner or later.

Re:Ask a friend

I quit using AVG last year when it caused my Win7 64bit OS to bluescreen after login. (would boot ok, but as soon as I typed in the password and pressed enter, *poof*). I was using the full version too, not the freebie. Techsupport was worthless. THey finally got back to me 3 months later (after pestering them) with a fix. By then I had grown to like MS Security Essentials and dropped AVG altogether.

Definitely not regretitting that decision today.

Re:Ask a friend

[hairyfeet]

Actually you HAVE a good one. I have been giving Comodo Internet Security out for ages and it is rock solid and catches on average 98% according to the tests I've seen. If you want less secure but no questions asking you anything Microsoft Security Essentials is about as simple as they come but it won't be as good as Comodo, as it is more of an on demand scanner than a IDS. Finally Comodo by default uses sandboxes for every apps unless told otherwise, so if some unkown new baddie manages to get through they are isolated.

I have some customers that nearly always end up with more viruses than a Bangkok whore, and Comodo AV has kept them squeaky clean. I don't know how much better you can get than that for free!

Re:Ask a friend

[MoeDrippins]

I'm at a loss to see what an antivirus software needs with social networking integration. Can you explain; perhaps I'm missing something.

Re:Ask a friend

They ask you for permission to install one thing, and install something else.

Re:Ask a friend

[Ziekheid]

Agreed that the MSE package is pretty good. Avira free edition runs fine too (you can block the popup of the free edition by blocking the avnotify.exe through the policy manager) but, just as MSE, failed to recognize newly packed editions of several recent rootkits.
MalwareBytes Anti-Malware thus far detected everything I could throw at it though. It's also free but the free version has no realtime scanning, only on-demand.
I do suggest however installing it anyway and do a manual update+scan every now and then since it seemed to detect far more than any other AV I've had installed in the past so consider it a double check (you can also buy it to have the realtime scan enabled).

Re:Ask a friend

[corsec67]

Not just that, but you need another computer that isn't a "64-bit Windows" computer running AVG 2011 with automatic updates.

Re:Ask a friend

[RobertM1968]

I'm at a loss to see what an antivirus software needs with social networking integration. Can you explain; perhaps I'm missing something.

My guess would be it has something to do with, oh, I dunno... the plethora of times people have gotten infected watching videos, playing games, clicking on links, looking at attached images, and so on, on sites like Facebook and MySpace (you know... social networking sites).

I think a lot of people visit those sites nowadays... ;-)

Re:Ask a friend

[__aaeuwj6541]

or you could just format the harddrive and use lunix... many problems solved and if you cant do that, use sandboxie or VMware or other virtulization software (note been using sandboxie before everything whent X64, loved it, now they got it patched a little to get around some of microsoft's screw ups works great again) HOORAY FOR SANDBOXIE

Re:Ask a friend

They didn't supply any anti-virus except the one that comes with Win7.

Re:Ask a friend

[reboot246]

Bah! I've wiped hard drives with just my magnetic personality.

Re:Ask a friend

[claq]

It sounds like I dodged a bullet 3 days ago by switching to MSE. AVG had nagged me too much to upgrade my home PCs, including a 64-bit Win7 PC.

Re:Ask a friend

[baptiste]

If your computer had McAfee or Norton installed at one point (like when it was new), they leave parts of themselves behind which can sometimes fight with MSE. Download and run the removal tools for each and then reinstall MSE. See if that helps. I've installed MSE for hundreds of clients and have only seen this behavior with a couple and was always an interaction with another AV program or remnant.

Re:Ask a friend

yep, MSSE definitely the easiest free one to use. If you have a pirated windows, I'd say the best option is Avira. Resource-thrifty, better detection rates than other free ones. It has a "buy the full version" nag screen, but there's guides all over the place on how to disable the nag.

Re:Ask a friend

[theshowmecanuck]

You get what you pay for. And with AVG you get the same whether you pay or not. This is not the first time that AVG's updates have screwed up something with the computer, from this latest episode, to updating then dropping all protection that was supposed to be provided by the software (and its updates). I found this happening a couple times, and had to reset the software to start protecting again. The last time I bought a different AV/Firewall suite; eset. Eset works fine, and generally hasn't messed up anything... with a notable exception that it can block pretty standard local ports used in development with respect to JEE app servers (e.g. glassfish). Anyway... get something free, don't bitch if it doesn't work... and you get what you pay for.

Re:Ask a friend

I just let Windows auto-repair itself with System Restore, then canceled updates until an update not affected by the bug installed itself.

Re:Ask a friend

[Neil+Boekend]

You get what you pay for.

With antivirus software you do NOT get what you pay for.
Most tests I have seen (from the Dutch "Consumentenbond" for example) indicated the free versions to be as good as or better than the payed ones.
I have seen Norton-protected systems, slow and riddled with virusses. Mcafee isn't much better. The payed virus scanners I saw suck (so do some of the free ones, most likely). For my parent's PC I chose Free-AV, until MSSE came and proved itself. For my own system I will probably use MSSE and have a backup Suse to boot if and when it won't boot (for any reason. Including virusscanners and malware).

Re:Ask a friend

[rolfc]

If it is your work laptop, why doesn't your employer buy you an AV?

Re:Ask a friend

[SpinyManiac]

It came with a Window update, something .NET related. Microsoft have redesigned it so it can be uninstalled easily, but it sounds like you have the original version.

I wrote a vbscript to remove it, it basically does this:

Close Firefox.

Delete these registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5

Open your prefs file:
C:\Documents and Settings\[USERNAME]\Application Data\Mozilla\Firefox\Profiles\[PROFILE]\Prefs.js

Delete this line:
user_pref("general.useragent.extra.microsoftdotnet", "(.NET CLR 3.5.30729)");

This is for Firefox under XP32. SeaMonkey will be similar, but that's an exercise for the reader.

Re:Ask a friend

[mcgrew]

How about NOT having forced updates?

Jackasses. I hate when MS or Apple does it to my machine - I certainly don't want some other company does it either.

That's one of the many reasons I switched to Linux. When I first installed XP over 98, I had planned on reinstalling it the next day, since XP didn't like the CD burning software that came with the burner (that had been happily working for quite a while). XP said that the software would make the machine unstable (I never had stibility probs with 98) and that it had disabled the software -- and a balloon came up on every boot (which was often, since I was reinstalling all my apps) saying so. It wouldn't let me uninstall the app.

I'd set it for automatic update. The next morning the modem was on the floor and the internet wouldn't work. I figured the cat had knocked it off and broken it. I called Insight (my ISP at the time) and they said "no, your modem's fine, we can see it, but not your computer. Must be a bad network card." Hoping it was cables, I tried two spares with no luck. Figuring I would replace the card the next day, I reinstalled Windows -- and had internet access again.

Microsoft had replaced my perfectly good NIC driver with one that didn't work at all. Needless to say, that was the last automatic update I let it install. Mandrake was on it dual-boot a week later, and I haven't looked back. These days I keep my machines MS-free.

Re:Ask a friend

[Machtyn]

I use Comodo because they have the best free software firewall around. It's a bonus to get the AV product with it. Like you, I'm not sure how good it is. However, in the 3-5 years I've been using it, I've not had virus troubles (2 computers, one's the wife's, the other is mine)

Re:Ask a friend

[bami]

MSE is the only anti-virus ever installed on this windows install.

I wipe most of my XP boxes every 6-8 months (and install from an nlited clean XP SP3 disk), due to clutter from certain programs, and I really make sure to never have installed two different anti-virus packages on the same install of windows.

Still thanks for the tip though.

Re:Ask a friend

[mister_playboy]

If you have a pirated windows

If you have pirated Windows, you should still be using MSE. Any pirate worth his salt will have an install that passes WGA checks.

Re:Ask a friend

[theshowmecanuck]

The OP was talking about FREE AV software. Try reading in context. Free... you get what you pay for... nothing for nothing... or maybe you live in a cave and never heard that expression before. And as far as anyone paying for MacAfee or Norton/Symantec products... that says a lot about anyone who has done that in the last ten or more years... that they aren't very bright. And AVG is a piece of shit in my books too... free or paid.

Re:Ask a friend

[Fyrin+Thol]

Why... I simply install an anti-virus routine, then never update my definitions. Works like a charm! ~KaBoom

Antivirus?

[Peach+Rings]

Does anyone on slashdot still run antivirus software in the background? It strikes me as a terrible idea to run through a pattern matching algorithm for every disk write. I haven't run antivirus software in years and I've never had a virus.

I mean, it's not exactly hard. Download from sourceforge, compile from source, use sandboxie, whatever.

Re:Antivirus?

[FatLittleMonkey]

I haven't run antivirus software in years and I've never had a virus.

Ummm...

Re:Antivirus?

[Servaas]

Why does the lyric "It's a small world after all!" suddenly ring in my head?

Re:Antivirus?

[leonardluen]

yeah, because compiling from source is always safer... ProFTPD.org Compromised, Backdoor Distributed

However for the most part I agree with you and don't run any antivirus software myself, at least at home, i am forced to at work.

Re:Antivirus?

ssh. Let him believe he's safe. There are botnet ops that rely on people like him.

Re:Antivirus?

Um... no.

I don't use anti-virus either. I don't have any viruses (used a trial anti-virus about a month ago then uninstalled it after it didn't find anything). You don't get them by opening email or surfing the web these days. Tracking cookies are not viruses.

Re:Antivirus?

I know what you mean. Antivirus software is sort of like the police: they don't really prevent crime, but mostly do the job of investigating crime after it happens. Similarly, no antivirus software I've come in contact with has ever caught a virus prior to infection. Usually (but not always) it can find a virus after infection. Occasionally, it can remove or fix a virus, but none of the really stealthy ones.

I no longer run antivirus software on my Windows boxes either. I rely on script-blocking at the browser, virtual machines, and common sense. Ultimately, the best antivirus software is between your ears.

I have not had a virus in five years. Before that, I had not had one in three years. Meanwhile, I enjoy the benefits of a system that is not slowed down by antivirus bloatware.

Re:Antivirus?

[Peach+Rings]

Is it even possible to have broadband these days and not have a router or gateway acting as a hardware firewall?

And how would you get a virus by just visiting websites? I use noscript and only unblock it for trusted sites, and I certainly don't have Adobe Reader installed (god forbid).

And what kind of email client gives you viruses by opening email? You'd have to run an executable attachment or open a specially crafted data file. I use webmail anyway (doesn't everyone?).

Re:Antivirus?

[bmo]

The fact the ProFTPD backdoor is news is because it's so rare.

Malware on Windows? Not news. Not when there are millions of signatures.

Why do Windows boosters *always* use the false equivalence fallacy when it comes subjects such as this?

--
BMO

Re:Antivirus?

[erroneus]

No. Just no. I'm a Windows hater too, but no. It's simply not THAT bad. It's really easy to catch something, but simply existing on the web isn't enough. You are making "magical" assumptions.

Re:Antivirus?

[leonardluen]

look, i don't have neither a pro nor anti linux or windows agenda. i use both systems at home linux works great as a server, windows as a desktop.

i guess the point i am trying to make is that if you don't read and understand all the source code before you compile it isn't really any safer than running a precompiled binary/executable. because unless you read and understand the source code entirely you really don't know what could be hiding in it.

Re:Antivirus?

[larppaxyz]

I never have had any virus scanner running on background, i only manually run it every now and then. Never had any viruses, plenty of 'scary' cookies and stuff like that, but nothing else. This could be because i pretty much know what i'm doing, i don't search porn sites with IE6 and i only install software that i already know from somewhere.

Re:Antivirus?

[Shadow99_1]

I use the internet just fine and stopped using AV's a few years back as they never ever came up with anything on my desktop PC. It was a complete waste.

I however have a laptop these days and a wireless network I use often requires Sophos as an AV to be working to access the network. If anything Sophos tags all sorts of craziness as a Virus... False positives on lots of games for instance, usually in the anti-cheating software they use. And the best part is it won't let you exclude something 90% of the time. I can't run certain things even in Sandboxie. The AV does not know more than me, but it sure damn well thinks it does. Besides wrongly tagging games and finding the occasional 'virus' of the low threat kind in stuff I plan to run with sandboxie it's useless to me and a waste of cpu cycles.

So no, you don't have to have 'SOMETHING' if you run a windows PC (64 bit or not) & in fact an AV can be a complete waste of resources...

Re:Antivirus?

[pspahn]

Would it satisfy you if those of us who don't use AV software on a regular basis install some, do a scan, and show you that we are indeed (speak for myself) not infected with mysterious viruses?

It's kind of like saying that people that have never had sex have the same HIV infection rate as those who have unprotected sex with multiple partners. Personally, I don't have sex with the internet.

Re:Antivirus?

[igreaterthanu]

Does anyone on slashdot still run antivirus software in the background?

Some of us have to maintain computers for family/friends. Said people are not always the brightest when it comes to computers. Unless you haven't upgraded in the last 10 years, your computer should easily be able to run an antivirus without much noticeable performance issues. Myself, I am very glad I was too lazy to upgrade AVG yesterday.

Re:Antivirus?

[Capt.DrumkenBum]

Is it even possible to have broadband these days and not have a router or gateway acting as a hardware firewall.

Yes it is. My sister had exactly that, until I brought her a cheep router.

I use webmail anyway (doesn't everyone?).

No! I hate webmail! You can take my Thunderbird when you pry it from my cold dead hands!

Re:Antivirus?

[aarggh]

I haven't run antivirus software in years and I've never had a virus.

I'd say there's a very good chance you have viruses and/or trojans already but just don't know it. On my home network it's a constant battle not only with the staid sites I use but especially with the sites the teenagers frequent to keep machines clean. These days you just cannot afford to not run anti-virus if you have your machine connected to any network or use any form of USB devices, and this is especially so if you use your machines for any type of online banking/financial transactions! I run multiple packages, Comodo free firewall/IDS, Peerblock, and Trend Anti-virus. As the i5 and i7 CPU's have all the grunt you could want, having several background security apps running now doesn't have any appreciable performance impact on a system.

Re:Antivirus?

[tgrigsby]

You don't get them by opening email or surfing the web these days. Tracking cookies are not viruses.

You absolutely CAN get an infection from simply surfing the web. I was one of the people affected by the AVG Update Of Death, but I recovered and I will continue to use them in part because it integrates with Firefox and has stopped numerous attacks by intercepting seemingly innocuous sites. If you're not aware of the danger involved in simply surfing the web, you should do a little honest research.

Re:Antivirus?

[Peach+Rings]

Mods please, please.

Re:Antivirus?

[Dancindan84]

NAT != firewall. Most routers I've set up don't have the firewall running properly out of the box.

Re:Antivirus?

[gstoddart]

No. Just no. I'm a Windows hater too, but no. It's simply not THAT bad. It's really easy to catch something, but simply existing on the web isn't enough. You are making "magical" assumptions.

I have no direct evidence to contradict what you say, but every time someone has categorically said "you can't get a virus by just doing X", it doesn't take very long for that to be demonstrated false.

Sometimes, it's even by design with Windows -- stuff like hiding the extension of well know files, autorun, or executing scripts in email just by viewing the damned thing.

I would be completely unsurprised if there were viruses/malware you could get from a website without even knowing it. I sure as hell wouldn't want to run a machine without some AV on it.

Re:Antivirus?

[EnsilZah]

Using a USB dongle where I study can infect it with anywhere between 1 and 4 different malware, I don't know, maybe the IT staff are incompetent, maybe it the large number of Macs leaving them with not much experience with Windows, maybe it's just the heavy use of USB dongles.

It wouldn't be a good idea to stick your dongle into one of those machines without protection.

Re:Antivirus?

[bored]

Well it isn't exactly hard to kill the majority of the virus's propagation vectors. I haven't run a "real-time" AV program on my windows machine regularly since 2000 or so. I have caught 1 (detected) virus in that time, and that was from a USB fob a friend plugged into my PC. That actually failed because I was running under a restricted user account when it happened (win2003) and the autorun on the fob simply started up and then didn't have permissions to write to the registry location in wanted. Caused some strange behavior and I said "that's weird" and promptly dug into it. Found it, and had it removed in about 10 mins.

Before that I had autorun turned off, but failed to realize that it wasn't a binary on/off, instead there are further controls which needed to be set to disable it for USB mass storage, and other types of media (fsking M$).

So, for a start..

Plain text email.
Restricted user account (can't modify the system settings).
Updated Browser with noscript/flashblock/adblock/etc.
virus total (upload everything there before you install it).
autorun disabled on all devices
restrictive firewall, traffic monitoring
etc..

That said, I do periodically run some scanners, so its not like I never check, but I don't like any of the run all the time scanners.

So while its possible I have a virus, it doesn't seem to have done any harm yet, and none of the mainstream scanners I sometimes run against system images seems to be able to find anything.

Re:Antivirus?

[commodore64_love]

I don't have protection either, and I know I have viruses, but I just don't care.

"C'mere honey."

But seriously, it can happen even to the observant. This morning I installed VLC Media Player or what I *thought* was VLC, but the .exe didn't do anything. Just beep and make a "Registry changed. Approve or Deny?" window pop up. Probably a trojan. Good thing TeaTimer caught it.

Re:Antivirus?

[Junta]

Unless you are talking about locking down outbound connections, I fail to see how a NAT gateway would allow any unsolicited connections to things behind it.

In terms of itself, it would be a problem if they either didn't filter their own packets or at least refrain from most services/specifically bind to internal-facing addresses, but I'd hope they wouldn't be silly about it.

Re:Antivirus?

...or use NoScript.

Re:Antivirus?

[commodore64_love]

Could I replace your Thunderbird with SeaMonkey/Mozilla Suite or Opera?
(SM == firefox and thunderbird merged into one)
(Opera == nordic)

I like web-mail because it's allowed me to keep the same address since 1997. I've been through PSU, Erols, MSN, AOL/Netscape, and now Verizon ISPs but my address remains the same regardless.

Re:Antivirus?

[clone52431]

A couple of years ago I got a virus of some sort while browsing the web in IE6. Completely drive-by, no installation, no click here, nothing. Just a pop-up from Windows Firewall saying that application-with-Russian-characters-in-its-name would like to connect to the internet, allow it? It had actually already copied the executable onto my disk and launched it – no, that wasn’t just a ploy to get me to install it.

It was easy enough to remove (I was able to kill the process, delete the startup entry from the registry, and delete the executable), but it was still a bit unsettling.

I don’t remember why I wasn’t using Firefox, but it was a good learning experience for why it’s a really bad idea to use IE6...

Re:Antivirus?

[mlts]

You would be surprised -- some broadband places hand you a CSU/DSU, tell you to "plug computer in here" and go on. This is why I end up making sure friends/family have at least a basic firewall like a Cisco ASA 5505 or 5510.

Re:Antivirus?

[ThatMegathronDude]

NoScript and AdBlock Plus are your friends.

Re:Antivirus?

[arth1]

Um, no.
I have a PC that has been running Windows XP for five years now, and ESET Nod32 all the time. It's seen heavy Internet use.
So far it's had four false positives, and not blocked any real payload.

I have gone through the machine with a fine toothed comb more than once, and it really is clean.

The recipe for keeping it so is amazingly simple - just a few common sense rules will keep you safer than any AV software will (and I'm saying this as an AV software author).

1: Use a NAT
2: Run Microsoft update every patch Tuesday, or when Microsoft releases urgent updates.
3: Keep other internet capable software up to date too (Firefox, Adobe Flash and Reader, ...)
4: Don't use IE for external sites.
5: Don't use Firefox extensions from someone you can't even name.
6: Don't use a web browser for e-mail, and don't use your e-mail reader for web content.
7: Don't follow links in e-mails. Cut and paste links if you have to.
8: Get your educational video files from well-known sites.

Re:Antivirus?

[shadowrat]

I mean, it's not exactly hard. Download from sourceforge, compile from source, use sandboxie, whatever.

did you comb through all the source to that thing you compiled? I didn't, but i assumed you did so it must be safe.

Re:Antivirus?

[GIL_Dude]

If you have Adobe Reader or Flash installed you absolutely DO get them by surfing the web. Go to a site where their ad network has gotten either hacked or just had a bad ad get by their "review" and it is a done deal. Turning on DEP for all processes, installing EMET (video on it here http://technet.microsoft.com/en-us/security/ff859539.aspx) and configuring it to protect acrord32.exe and your browser, installing Adobe Reader 10, keeping Flash up to date and using something like FlashBlock to control when Flash can run, etc. can all help out in this space. But for the average user who doesn't update Flash or Adobe Reader - they absolutely get infections just browsing the web. My boss and my brother in law both got a fake AV from reputable sites recently - the ad networks had served an Acrobat Reader exploit. I'll recommend MS Security Essentials as a free as in beer, low impact AV product. But I'd look into EMET if you haven't already.

Re:Antivirus?

[Dancindan84]

I'm not saying it's useless, or even that it's not sufficient for most ordinary users. Just pointing out that the parent to my post was incorrect in assuming all routers and gateways act as a hardware firewall out of the box.

Re:Antivirus?

[Waccoon]

Hogwash.

I've tried installing a number of different anti-virus utilities over the years to check my system from time to time, but never used to have any permanent anti-virus protection in the background. In the 12 years I've been using Windows, I've never gotten a virus. Earlier this year, I tried Security Essentials and liked it, so I started using it permanently. Visiting a web site will occasionally warn that the site is trying to set a tracking cookie, but that's it.

The only real difference in my system usage is that I favor open source apps, I don't run any games newer than 8 years old, I never use Internet Explorer, and I have JavaScript support disabled in my PDF reader.

I also fix other people's computers. It's very rare that I find a virus, but common that I find multiple anti-virus programs fighting with each other, or massive amounts of bloatware installed. I usually replace the bloatware with open source apps, use "Autoruns" to disable the crap, and replace the mess of security suites with Security Essentials (largely because it doesn't nag about updates and fees, and updates silently). Reinstallation of Windows is almost never required. Amazingly, most people already know that they should avoid IE. I see a lot of people using Firefox, and haven't seen much of Chrome or Opera.

Frankly, the only time I saw viruses in the wild was at the class computers at my college campus. Those machines were overrun with crap. PCs are almost always unstable due to bad drivers, unnecessary background tasks, or mal-ware that must be explicitly installed.

Re:Antivirus?

[Junta]

With a modern desktop OS, the chances of infection via remote exploit is generally low by virtue of not generally listening on any port by default, at least not beyond link-local scope. MS *at least* learned that lesson. Most all exploits enter a network via trojaned email, web site, or removable storage.

So if you do have a regimented small home network, and you are careful about not doing *anything* via unsolicited dialog boxes, you have a good shot of running. I have anti-virus on systems and haven't had a single hit in years.

Meanwhile, I have relatives that see 'an urgent update for flash is needed' window, click without question, and end up rapidly with a mess of a setup real quick (with or without anti-virus, the anti-virus was surprisingly oblivious despite correctly updating definitions). I think the vast majority of users fall into this bucket.

Simple rule for Windows systems I give to less savvy friends and family: If it doesn't show up in the system tray, assume it's a browser window and therefore not to be trusted. If you really think flash needs an update, close the dialog and go to adobe's site directly, just like you would call your bank rather than blindly reply to an email.

Re:Antivirus?

There was a virus in the past that sent some FTP failed Get requests to random IP's. Without the patch, your machine would thingk "OMG, I sent a get request and it failed? Shit, I should redo that" and download the file. Zero user interaction. All you needed was to be online to get infected. Even Linux would download the file, but it didn't know what to do with it.

Re:Antivirus?

[Junta]

You don't get them by opening email or surfing the web these days.

Not true for 'average' computer users. I think many are dubious of email, but if a web site offers an installer package available via a button that says 'your system requires a critical flash update' or 'we have detected a virus, click here to install a removal program', you bet way too many people click and trust.

Re:Antivirus?

[interval1066]

I'm a Windows Hater too!! That's it. I just hate Windows.

Re:Antivirus?

[scrib]

Or, you could drop a few dollars on a vanity domain name. I own the .org domain for my last name (it's a four letter last name, so that was lucky).

The other option is gmail, which allows you to use webmail and/or an email client like Thunderbird.

Re:Antivirus?

[Capt.DrumkenBum]

Could I replace your Thunderbird with SeaMonkey/Mozilla Suite or Opera?

No. I have found that all in one solutions generally do not do anything well. Remember the last versions of Netscape?
Opera is for people who feel the need to be different so that they can be different.

Re:Antivirus?

[Monkeedude1212]

I don't bother with having an Antivirus on the machine that I actively use. I use a systems settings manager. Anytime a registry value changes, added, or removed? I get a popup. Anytime something wants to alter a windows system file - popup. Anytime something simply wants to be added inside the Windows Folder - popup.

Sure I'll throw an antivirus on there and update it and run a scan about every season - but I'm not going to bother constantly updating virus definitions, setting up weekly scans, etc etc - when all they have ever done is come back blank - except for MAYBE tracking cookies if I even have cookies enabled - often times I just have my browser delete any temp data on browser exit.

It's a simple system - I'll know when I catch a virus, the system settings protection manager will catch it - I'll be asked if I want to allow a change or deny it from happening. If it pops up when I don't expect it to - I know something is up. I've had it trigger when browsing the web - Mostly if I were to try and install an Active X control - which shouldn't actually alter any of the regular system settings if done properly. Simply using something like this is much easier than an Antivirus. It's like Windows UAC on steroids - so I turn that off so I'm not hitting things twice.

But basically, Pojuts point he tried to make "You have something if you aren't locked down or behind a crazy firewall" is complete FUD. He has no evidence to back it up. Simple protection measurements will work - you don't need anything complex, you just need to watch whats happening.

Being behind a firewall was only necessary before the days of routers - routers now normally already block all incomming traffic - thats why port forwarding is such a pain if you want to set up a server for a game. All that you need to do to stay clean now is knowing when something changes. Merely having a file on your computer that doesn't do anything doesn't constitute an infection.

Re:Antivirus?

[RDW]

Might also be worth installing something like WoT to reduce the chance of downloading a trojaned version in the first place:

http://www.mywot.com/en/scorecard/downloadvlcplayer.org

Re:Antivirus?

Good advice for other things in life too.

Re:Antivirus?

[X0563511]

Even that won't always cut it.

Remember the PNG exploit?

Re:Antivirus?

[(H)elix1]

I'll second this. I'm reasonably careful - browse only with Firefox and a handful of extensions, don't use bootleg software, careful about executing anything (unsigned or unknown), and typically stay out of the darker areas of the net. I'd even go as far as to say I think I know what I'm doing.

I still got hit.

Back before Steam switched to webkit, I joined in a random game of counterstrike. The embedded MOTD screen used some flaw in the embedded IE engine that was able to infect my system. Fortunately some of the follow on setups had issues on XP64 and some of the locked down settings, so I discovered what was going on right away.... but I did nothing but view a HTML page from inside a video game to get infected.

PDF, flash, JRE - all sorts of bits on a machine that might just expose you where one might think they are practicing safe hex. It is not just the browser, but all the net enabled applications installed (possibly by default) that should make a person worry.

Re:Antivirus?

You don't have protection, but you use TeaTimer? Also where the fuck did you download VLC?

Re:Antivirus?

[dziban303]

I own the .org domain for my last name (it's a four letter last name, so that was lucky).

So /you're/ the guy who owns fuck.com?

Re:Antivirus?

[bmo]

because unless you read and understand the source code entirely you really don't know what could be hiding in it.

No. Still not the same.

Because I don't need to understand the source code if there is someone else that does. It's a kind of herd immunity.

Sure, you can sneak your malware on to a server like what happened with ProFTPD, and you may get away with it for a few days. But not everyone is Ken Thompson - able to hide a backdoor in the Unix C compiler for decades.

--
BMO

Re:Antivirus?

[scrib]

Heheh, you are SURPRISINGLY close :)

My last name is, in fact, _UCK, but it's not pronounced like "fuck." I say how it's pronounced and people say "oh, I thought it was like ..." and then they blush. Apparently, no one can think of any OTHER four letter words that end in "uck" though there are many.

Letters other than F: B, D, G, H, L, M, P, R, S, T, Y
12 letters, almost half the alphabet, create valid words for ?uck.

Re:Antivirus?

the vast majority of users dont wont to compile there apps. they want to just do stuff. unfortunatly the majority of linux people can't grasp this concept.

shit man, I have worked in large scale IT for 20+ years. That doesn't mean I have the skills to download a 400 line C++ source file, look at it, and go "yup, I trust that"

Seriously, are you that ignorant of the real world use case for PC's?

Re:Antivirus?

[leonardluen]

you are just using the eyes of other programmers as your antivirus. i am not saying this happens every day, but it has indeed happened before and ProFTPD isn't the first time. You are still vulnerable until someone notices the issue, not too unlike the signature files on antivirus software.

but ultimately how is that so different than a binary? you DL a binary...you really don't know if it is safe or not. you can try scanning it and hope that if it is infected that it has a known signature that your AV will detect...

on the other hand you can DL the source and compile it, if you yourself don't read it, then if it happens to be infected you have to hope that the eyes of the herd have detected it already. eventually assuming it isn't a dead project they will probably find it, and often they may find it fairly quickly. but there is still a time period where the source is infected but it has not yet detected.

you are really only offloading your AV scanning somewhere else, over to the source code side using the eyes of the developers and hoping they find the issue in a timely manner.

Re:Antivirus?

[PopeRatzo]

Does anyone on slashdot still run antivirus software in the background?

You know, that's not really a dumb question.

When I built my current computer, I decided to go a different way. Instead of the AVG/ZoneAlarm or Comodo/Anti-Spyware blah blah, I went ahead and downloaded Microsoft Security Essentials. I don't use "real time" protection, but scan the system once in a while. At first I was worried because MSE is so damn quiet, although I enjoyed the noticeable jump in performance from not having all this stuff running in the background.

For a while, I'd get nervous enough to boot from clean media and do a very thorough scan with several different tools and it always came up clean. Occasionally, I'd get a false positive, but a little bit of research would straighten it out.

Now it's possible that there's something very evil and insidious growing inside my system and sending spam out when I fall asleep, but my logs and Filemon don't show any suspicious activity. Of course, I've taken the time to set my router up correctly, and I take approximately the same approach to security on my WinXP, Win7, Linux and OSX systems running off this router.

So no, I don't have any real time virus protection running on my system. I'm sure lots of you slashdot readers are very knowledgeable about PC security. Am I kidding myself?

Re:Antivirus?

[PopeRatzo]

You absolutely CAN get an infection from simply surfing the web.

You say you can get infected from "seemingly innocuous" sites. Does that include mainstream sites, like Netflix or YouTube, Demonoid.me or Amazon or blogs like Slashdot?

I always thought that as long as I stay away from dodgy sites, I'm probably not going to get infected.

[yes, I know]

Re:Antivirus?

[hasdikarlsam]

By that logic there's no difference to swimming in shark-infested and jellyfish-infested waters - you could die in either one, so who cares that the sharks are roughly a thousand times less likely to attack you?

(I wanted to make an analogy with some kind of *safe* waters, but.. um... today's internet. Shark-infested it is.)

Re:Antivirus?

[VortexCortex]

I'll second this. I'm reasonably careful - browse only with Firefox and a handful of extensions, don't use bootleg software, careful about executing anything (unsigned or unknown), and typically stay out of the darker areas of the net. I'd even go as far as to say I think I know what I'm doing.

I still got hit.

Windows users are insane.

"The definition of insanity is doing the same thing over and over and expecting different results." - Benjamin Franklin

Keep running the Most Targeted, and therefore most vulnerable OS. Keep "recovering" from crashes & viruses; Keep putting up with the fact that a constantly running A.V. is essential. Keep feeding the insanity because [insert your excuse here], and Windows is more familiar...

Except that It's not always more familiar. Most laymen I've encountered have just as much (if not more) trouble migrating from XP to Win7 as they do migrating to Linux or OSX.

Oh, right, it's AVG not MS that caused the crash... Tell me: Why was AVG's A.V. product installed? (Just plain insane, I tell you).

AV doesn't protect against most "Zero-Day" exploits; 1 month later your OS is patched against the known exploits... What then is the benefit of running an AV? It protects against unpatched flaws in your OS.

Psst: Instead of developing my own FOSS AV product, I just patch bugs in Linux...

Re:Antivirus?

[bmo]

"you are just using the eyes of other programmers as your antivirus."

Yeah? So? And how is that bad? I also use MD5 sums to compare what I downloaded with what I was supposed to download.

"i am not saying this happens every day, but it has indeed happened before and ProFTPD isn't the first time."

It happens once every few years. I literally can't remember specifically when the last one happened, but I have a vague recollection of it.

Googling, I can find 3 instances, including this ProFTPD one in the last 10 years. Gentoo and Debian were at fault in the previous two.

That's how rare it is.

Compare and contrast this situation with the Windows situation, where there are literally millions of malware signatures, and the number keeps growing every day.

"but ultimately how is that so different than a binary?"

Because *someone* can look at the code. If not me, then someone else. With a binary, you get *zero* chance.

You're really fighting tooth and nail to hold on to that false equivalence fallacy. Sorry, but that's a load of bullshit.

"eyes of the developers and hoping they find the issue in a timely manner."

It's worked pretty well so far. Obviously trying to catch it all at the client side (Windows) hasn't worked at all over the past decade and a half.

--
BMO

Re:Antivirus?

[VortexCortex]

And how would you get a virus by just visiting websites?

By "visiting websites" I assume you mean downloading a HTML file along with it's supporting data files such as sound, images, SVG / XML, video, PDFs (via plugin), etc, and displaying the combined content in a browser.

Go ahead and search the web for image/sound/video exploits in IE, Firefox, Safari, and any other browser.

For example, JPG image expolits can infect your computer with malware by simply attempting to decode an image.

Pssst: "Visiting websites" can cause JPG images to be decoded and displayed.

Re:Antivirus?

[Billly+Gates]

The problem is many of your favorite *safe* websites use advertising networks. Some of the networks have virus infected ads without Google or the site owner knowing before it is too late. It has been on slashdot a year or two ago.

More than likely this is when you would haveNoScript off because you trust the site. The malware writers know this and are taking advantage of this too. Even that is not 100% secure.

Re:Antivirus?

[Charliemopps]

Yea no. You don't know what your talking about. Windows IS more virus prone but with just a little common sense it's fairly easy to keep clean.

Re:Antivirus?

[Tacvek]

Hello, Mr underscore-ook?

(If it does not sound like fuck, the only other pronunciation I can think of is ook.)

Also I'm pretty sure you don't own _uck.org, you liar! ;D

Re:Antivirus?

Agreed. I work at a computer repair shop, and literally see dozens of infected machines every single day. It absolutely IS possible to get infected easily, and I've had people who walked out with machines fully loaded with expensive paid antivirus and antimalware tools like malwarebytes come back and get pwned a week later by some infection. In my opinion, if you're not running any security tools of any kind, you're either crazy or high.

Re:Antivirus?

[toxickitty]

Agreed, you do not simply get worms by plugging a windows box on the Internet, anything pre Windows XP SP2 you can definitly say you would but not anymore.

Re:Antivirus?

[javajeff]

If you use Firefox, try noscript

Re:Antivirus?

[drinkypoo]

Uh, it would be a little weird to be Mr. Suck, Guck, or Yuck too (especially in that order)

Re:Antivirus?

[pinkushun]

Me neither, don't need one, don't care :-)

Re:Antivirus?

[Neil+Boekend]

6: Don't use a web browser for e-mail, and don't use your e-mail reader for web content.

What's the problem with web based email? Google scans all my attachments BEFORE they reach my system. On a local email client the attachment will be downloaded before it is scanned. Dunno for sure, but the web based way seems secure.
Also a lot of people use Outlook, and it has been a target for exploits in the past.

7: Don't follow links in e-mails. Cut and paste links if you have to.

What's the difference? People don't look at the link, even when they copy-paste it. The webbrowser should prevent nastiness from getting in in both cases.

Re:Antivirus?

Opera is for people who feel the need to be different so that they can be different.

A bit like Firefox and indeed Linux used to be...

Re:Antivirus?

[qubezz]

Click this link to make your penis shrink 200%.

It is entirely possible. Even top-tier websites whore out their visitors to advertisers. Just look at a site like Gizmodo, they have like 20 other sites foisting ads, cookies, tracking scripts, and pixels on you. Ad networks do not vet the content that is being served out, so if a rogue 'advertiser' is able to push javascript or a 0-day png exploit out, your IE6-using mom just got ransomwared.

That said, I do not use antivirus, except in a virtual machine to scan highly suspect web stuff. Never rooted or virused. Antivirus is like having a bodyguard that belches and farts and likes to hit you in the arm and grab your girlfriends ass, you are guaranteed to have a bad time to protect against the chance of a real bad time. And I de-malware computers for a living (since software problems are the only consumer-level tech work left, since there is no repair or upgrade when everybody has appliance-level $300 laptops that are relevant about as long as the warranty). About the most Pwned I've gotten was having to kill the browser off because a rogue site got me caught in a javascript click-loop, trying to foist some exe.

Re:Antivirus?

[Rockoon]

A case-in-point is a co-worker of mine (non-techy ex-hippie) who said he was safe because he installed an anti-virus at the request of a website that said he wasnt protected.

Barry: "How do I know what is legitimate and what is not?"

Me: "Its simple. Assume that nothing is legitimate."

Re:Antivirus?

[cerberusss]

The embedded MOTD screen used some flaw in the embedded IE engine that was able to infect my system.

This wouldn't have happened if you just had logged in as a normal user (in Windows terms; restricted user) instead of administrator. You said:

go as far as to say I think I know what I'm doing.

but actually, I don't think you've taken into account the good practice of NOT logging in as administrator. And before you reply 'but Steam needs administrator rights', I say: Installing Steam on a Limited Windows User Account.

Re:Antivirus?

[arth1]

What's the problem with web based email? Google scans all my attachments BEFORE they reach my system.

A scanner only successfully scans for known exploits (and even then may have difficult finding some permutations). The problem is that a large part of infections happens before the AV companies and customers who use their products have definition files that can detect them.

It's because people get infected that the AV companies find out about the problem, so they can react, write, test and release new definitions. That doesn't help everyone who have been infected in the mean time.

And it's not only attachments that is a problem, but rich HTML with embedded content and javascript. Your web browser will automatically evaluate and render web content -- it's its primary function.
And a very nice attack vector for malware.

Re:Antivirus?

Bullshit! Not everyone downloads and runs everything they find on the net. When you have router with a firewall, updated Firefox with flashblock and noscript and you dont download every blinking shit you find then you are relatively safe. I also don't run antivirus and antispyware/malware but i take my harddisk every month or two, connect it to a machine with NOD 32 and Malwarebytes Animalware. Don't remember when was the last time i was infected. Scanner mostly finds some tracking cookies and that's it.

Re:Antivirus?

[commodore64_love]

>>>Remember the last versions of Netscape?

Yeah they worked better than Innerweb Exploder. In fact the Firefox and Thunderbird you love so much originated as Netscape spinoffs. And Mozilla/SeaMonkey uses the same codebase as FF and TB.

Good point about Opera being "different", although I do like their "Link" function which stores bookmarks online so you can access them from anywhere (home, work, on the road). Also "Turbo" is great for surfing on slow phone or cell connections.

Re:Antivirus?

[Capt.DrumkenBum]

In my opinion. the last versions of Netscape were huge bloated and just about unusable. With a terrible interface for email. As I recall at the time I used Eudora for email.

Re:Antivirus?

[IndependentVik]

I don't bother with having an Antivirus on the machine that I actively use. I use a systems settings manager. Anytime a registry value changes, added, or removed? I get a popup.

Well, you definitely made me curious. What software package do you use to monitor the registry? I googled registry monitors and got a ton of hits, with no idea which solutions were good.

Re:Antivirus?

Avast can do the same thing.....

Re:Antivirus?

[Monkeedude1212]

I've got one that is normally hooked into an Antivirus called "Spybot Search & Destroy" - go install that, choose the option for their "Tea Timer" which will monitor the system, and you can remove the antivirus and leave that on there.

Re:Antivirus?

[interval1066]

"unless you have it locked down like crazy behind a hardware firewall..."

Heh, "hardware firewall"... I giggle a little every time I see a neophyte write that.

Re:Antivirus?

[Peach+Rings]

If they use an advertising network, any scripts would have to be loaded from the ad servers. Which aren't on my whitelist.

Re:Antivirus?

[Peach+Rings]

installing Adobe Reader 10

o_o

Re:Antivirus?

[IndependentVik]

I'll definitely check it out. Spybot has helped me get spyware off of various machines (owned by relatives) more than once, and I've never had a bad experience with it. Thanks for the tip.

Re:Antivirus?

[EXrider]

Wow, HELLO, GDI+ exploit! one malicious JPEG parsed in any application *BAM*! Just one example of many. Guess you don't view any JPEGs on the internet do you? I suppose you use absolutely no plugins (Flash, Adobe Reader, Java) in your browser either? Idiots...

Re:Antivirus?

[EXrider]

Even if you don't use IE as your browser, there are many MS (Outlook Express, Live Mail, Outlook, Office, any app with integrated online help...) and 3rd party apps that use the IE rendering engine to parse HTML. Even when you "remove" IE from Add/Remove programs, its libraries stay in the system because there are numerous dependencies in Windows that require them to parse any HTML.

Re:Antivirus?

[EXrider]

Is it even possible to have broadband these days and not have a router or gateway acting as a hardware firewall?

And how would you get a virus by just visiting websites? I use noscript and only unblock it for trusted sites, and I certainly don't have Adobe Reader installed (god forbid).

And what kind of email client gives you viruses by opening email? You'd have to run an executable attachment or open a specially crafted data file. I use webmail anyway (doesn't everyone?).

Yeah, you should be fine, just as long as you don't ever browse any sites that load JPEGS or PNGs.

Re:Antivirus?

[EXrider]

MOD PARENT UP... this is exactly what I'm saying to all these crazy asses that think they're fine because they have a firewall and they run Firefox with NoScript. Once you have a vulnerability in a shared library that's widely used across the system, it practically doesn't matter which browser you use, you're screwed soon as you parse a malicious image in an ad on a "safe" site.

Re:Antivirus?

[EXrider]

Would it satisfy you if those of us who don't use AV software on a regular basis install some, do a scan, and show you that we are indeed (speak for myself) not infected with mysterious viruses?

As long as you take that drive out and scan it for viruses booted from another drive. There are rootkits out there that can patch the kernel to completely evade detection from inside of the running OS. I just had the fun of removing the Alureon rootkit from an XP SP3 machine running an up to date version of McAfee 8.5i. Neither McAfee, NOD32, MSE or MRT.exe detected it on the running system. MRT.exe finally found and removed an infected tcpip.sys from the drive when I scanned it from another machine, which I then had to replace with a good copy.

It was a Dell laptop, that coincidentally had an SSD drive with a proprietary ribbon-connector interface. That was fun setting it up as an iSCSI target to be scanned from another machine. Suppose I could've used a WinPE boot cd to scan it, but I was too lazy to read up on the latest XP slipstreaming and product activation evasion techniques. Damn that legacy OS.

Re:Antivirus?

[Peach+Rings]

The jpeg one was more than 6 years ago and nobody uses MSN messenger.

Re:Antivirus?

"In my opinion, if you're not running any security tools of any kind, you're either crazy or high."

Or (*gasp*) have some common sense. And maybe not even run a virus-prone OS.

Re:Antivirus?

[EXrider]

You're right, but the correct answer would've been ASLR and NX help protect me from shit like that nowadays. I could site other examples, but I'm too lazy to google more. Bit hey, ignorance is bliss, right?

Re:Antivirus?

[tgrigsby]

You say you can get infected from "seemingly innocuous" sites. Does that include mainstream sites, like Netflix or YouTube, Demonoid.me or Amazon or blogs like Slashdot?

Actually, I was referring to any site that I might come across while doing a search. I've come across numerous situations where I'm trying to find information on something and one of the sites I click on is blocked by AVG. I haven't had a well-known mainstream site blocked, IIRC.

AVG? Feh.

[Pojut]

Does anyone actually use AVG anymore? There was a time when it was awesome, but it just got crazy bloated and slow...

AVG is Garbage

AVG is trash and has been since at least vserion 8. We're using the enterprise version 9.0, with the 2011 management console at my organization, and today it started pushing out its AVG toolbar to everyone.

Re:AVG is Garbage

We share that opinion about v8/9, and months ago got Avira to replace AVG.

Now Avira on XP has a memory leak :(

Re:AVG is Garbage

[yeshuawatso]

After spending the last 24 hours trying to locate missing boot logs, use system repair, and failing to actually complete a system restore, I'm in agreement. AVG is the new Symantic. It's heavy on the PC, constantly asking to perform full scans when it's schedule to scan in the early AM, and the constant nagging about the free version being for non-commercial use just because I have the enterprise version of W7 is enough; it's going in the trash. I was so damn busy today that I didn't get to read up on the cause of my wife's worries and my headachs for something I suspected the entire time. As many geeks have recommended AVG in the past, why didn't this story make the front page of Google news?

News for nerds...cmdrtaco got that one right for sure.

Wait

Didn't this happen once already?

Microsoft Security Essentuals

[Enderandrew]

I used to recommend AVG as the free anti-virus solution to people, but Microsoft Security Essentials has a much smaller footprint, it doesn't harass you to upgrade to a paid version, and it has a better detection rate.

AVG isn't particularly great when comparing free or paid products these days.

Re:Microsoft Security Essentuals

[cobrausn]

Agreed. Started using it not too long ago and it works well. Whenever any of my relatives call me to get them to fix their XP machines, I just tell them to either get Windows 7 with MSE or to learn to use Linux.

Re:Microsoft Security Essentuals

Agreed on that one - I've migrated away from recommending AVG or AVAST to Microsoft Security Essentials to any Windows user who doesn't want to shell out for an AV.

(The turning point was the AVG link scanner. That was a terrible idea and a sure sign it was headed for the toilet quickly.)

To any who do prefer higher-quality, paid antivirus software, I've found ESET NOD32 to be consistently excellent, or Kaspersky AV if you want to trade speed for thoroughness on deeply-nested archives (not always a good idea). (I have to begrudgingly admit that the newest Norton is not completely awful like we've come to expect but still isn't something that would ever appear on my recommendation list. McAfee would never appear there under any circumstances.)

Re:Microsoft Security Essentuals

[bemymonkey]

Same here. MSSE has been stellar in the time it's been available... glad I switched from AVG :)

Re:Microsoft Security Essentuals

The responses in this thread blow me away. You all trust the antivirus option from Microsoft... the people that make the software which gets owned by the most exploits (IE, Outlook, Word, etc.)?

Perhaps you also advocate using the mafia's protection services to stop crime?

Re:Microsoft Security Essentuals

[YesIAmAScript]

How do I get the icon out of the system tray?

I don't want an icon down there unless I am infected. How can I get MSE to do this?

Re:Microsoft Security Essentuals

[Groghunter]

What i changed over to last night when AVG broke my machine, lol.

Re:Microsoft Security Essentuals

The responses in this thread blow me away. You all trust the antivirus option from Microsoft... the people that make the software which gets owned by the most exploits (IE, Outlook, Word, etc.)?

On the browser side actually FireFox and Opera has the most vulnarebilities.

Internet Explorer deemed least vulnerable browser

Report: Firefox is the world's most vulnerable browser

Firefox most vulnerable browser, Safari close second

Re:Microsoft Security Essentuals

[Rude+Turnip]

With Windows 7 you can customize it to only show up for notifications only. Click the little triangle on the left of the system tray and pick "customize."

Re:Microsoft Security Essentuals

[shutdown+-p+now]

Buy Windows 7 (which lets you pick and choose which icons to show always, and which only when there is a notification associated with it). ~

Re:Microsoft Security Essentuals

[shutdown+-p+now]

The reason why so many people favor MSE is because it has consistently shown good results in numerous antivirus tests. Not perfect, but above average, and certainly above most other common free options.

Re:Microsoft Security Essentuals

[Enderandrew]

Microsoft is a massive fucking company. The developers who work on IE have absolutely nothing to do with the developers who work on Word or SQL Server.

Honestly, I think that speaks even better of the product that the people who often love to bash Microsoft still support Security Essentials despite that. It really is a good product.

Re:Microsoft Security Essentuals

[Spit]

Yes, both Nod and Kaspersky are excellent programs. I found the advantage of both over other products is that they transparently proxy network traffic. Other products operate on file access events only. Nod has the advantage of being cheap.

Re:Microsoft Security Essentuals

[saxoholic]

But do these take into account the time it takes for a patch to be released, or the severity of the exploit? And are these exploits found by researchers or exploits admitted by the vendor?

Re:Microsoft Security Essentuals

[Billly+Gates]

I like AVG due to its link security. It also has excellent Firefox integration and prevented some nasty javascripts from benig executed. Windows Security has a terrible record of finding positives as malware writes pay them to not view their software as spyware.

NOD32 was terrible on my laptop and prevented from ever playing World of Warcraft. It is simply incompatible with a large selection of software.

Re:Microsoft Security Essentuals

You're clearly insane.

http://en.wikipedia.org/wiki/Comparison_of_web_browsers#Vulnerabilities

# of Vulnerabilities:
IE6: 473
IE7: 26
IE8: 62
Firefox: 0
Opera: 0
Chrom: 0

Re:Microsoft Security Essentuals

[drinkypoo]

I found Kaspersky to be lightning-fast in its early days, and then it became horribly slow. Have they sped it up again?

Re:Microsoft Security Essentuals

I have tried all of these: MSE, NOD32, AVAST, AVG
AVG got bloated in last versions and problems like this are annoying.
NOD32 is very good, but I want free version.
Then tried MSE - was working well, but have problems with few things: Memory usage (~300MB all the time), Automatic online reporting for every found file and lack of any options and finally mediocre scanning speed (try AVAST or NOD32 and you will see huge difference because MSE does no caching)
Now I'm using free AVAST, it constains all I need, can be greatly configured and updates few times a day - all this for free. Memory usage is at ~25MB for both service and GUI. If you want fast AV with low memory footprint, this try this one. The GUI is nice and simple even for normal people, but you can always go to advanced options and fine tune things.

Re:Microsoft Security Essentuals

[Stormy+Dragon]

I don't trust Kaspersky AV. Back in the 80's, Eugene Kaspersky was a major in the KGB. Trusting your computer security to a former Russian intelligence officer is just asking for trouble.

Re:Microsoft Security Essentuals

[YesIAmAScript]

Doesn't work. It's still there after I select "only show up for notifications".

Did it work for you?

Re:Microsoft Security Essentuals

You're clearly insane.

http://en.wikipedia.org/wiki/Comparison_of_web_browsers#Vulnerabilities

# of Vulnerabilities: IE6: 473 IE7: 26 IE8: 62 Firefox: 0 Opera: 0 Chrom: 0

uhm.. if you look at Secunia (claimed as source here), they list 65 vulnerabilities for IE8 in 2010, of which 46 was highly or extremelig critical. And they list 72 for Firefox 3.6.x, of which 65 (!) was highly or extremely critical.

True, IE8 has still 5 unpatched right now (but all deemed 'less critical' or lower), while Firefox currently have patch out for all. And though patching speed of course is a very good thing, the high number of critical vulnerabilities being discovered in Firefox code is clearly an issue.

First time (at least in a long time) AVG Failed me

[MrWin2kMan]

I was happily working along on the Dell Latitude E6500 laptop I justed picked up off of eBay (after replacing the hard drive and reinstalling Win7Prox64 of course), when AVG asked to reboot. I did so, and...system restore popped up. Okay, I knew AVG screwed something up, because this just doesn't normally happen. After getting back into the system and having it happen again, I uninstalled AVG Free 2011 until they get it fixed.

Security Essentials

[PIPBoy3000]

I used to recommend AVG, and have since switched to telling family members to use Windows Security Essentials. AVG isn't the lightweight, unobtrusive piece of software it used to be.

Re:Security Essentials

[Attila+Dimedici]

That is my experience exactly. I stopped using AVG when it went to version 8 and became bloatware. I switched to using Microsoft Security Essentials for all of my Windows boxes and recomend it for all of the people I provide informal support for,

AVG Free Edition

Is the free edition free of testing or is it a testbed for the premium version ?

Re:AVG? Feh.

[sumdumass]

I run AVG but not the default versions. Well, it's the same except I disable the link scanning, tool bars, and id protection crap and it seems to be smooth and light.

What the....

[Slash.Poop]

Why is /. not blaming this on M$?

Re:What the....

Because M$ has its own blanket parties, this one is for AVG only.

Re:What the....

[anyGould]

Why is /. not blaming this on M$?

Not that people won't try, but this one is pretty clearly on AVG - if you're going to make your updates mandatory, make damn sure that you don't have any showstopper bugs in there.

I'm guessing they'll be busily pointing to the fine print that says "even if we deliberately screwed your computer up, it's not our fault"

Between McAfee and AVG...

Can we can label 2010 the year of the anti-virus uprising?

Re:First time (at least in a long time) AVG Failed

I had a similar experience, but it was on my 2 year old gaming laptop.

Glad to see that it was a fault in AVG and not a hardware failure.

First problem with AVG

That was really frustrating this morning, I woke up to a machine stuck in a reboot/blue screen/reboot cycle. Took me awhile to dig out my old Vista CD and roll back with a system restore.

But this is the first trouble I've ever had with AVG, still sucks it slipped through quality control. I guess I get what I paid for (since I was using the free version)

Re:First problem with AVG

[Runefox]

AVG started going downhill at 8, and then nose-dived at 9 when they had the focus stealing issue and another that a coworker of mine reported regarding the Outlook/Exchange plugin failing to update and causing Outlook to crash on startup (this was also a widespread issue, but I don't believe it got as much press seeing as most organizations using Outlook or the Exchange plugin aren't using AVG). Worse was their response to the issue, which as I recall was initially lazy denial.

This now hardly surprises me. I've migrated from AVG to Avast, and not only is it far lighter, but it's also faster and has never once given me grief. It's one of the best overall AV's according to AV-Comparatives (AVG is, too), and next to Security Essentials for the less technically-minded, it's all I recommend.

Re:AVG? Feh.

Every program runs smooth and light if you disable most of it.

Re:AVG? Feh.

[JeffSpudrinski]

I've been discouraging my friends/customers from using it for about 18 months now.

Agreed that it was once awesome, but they took a dive when they starting including that crappy IE plugin tool that pre-verifies all the results of your searches.

They also make it nigh on impossible to find the free version on their site (or it was hard last time I looked, which has been a while).

While all AV programs are prone to screwing something up, this one won't help their already soured reputation.

I've been using Avast and Sophos for a while now and had little issues with either of them.

-JJS

Not suprising...

[Cyno01]

Of course something like this would happen with a free program, you get what you pay for. Nothing like this would ever happen with one of the quality anti virus programs, like McAfee...

Re:Not suprising...

[Shadow99_1]

That had to have been an attempt at humor... Especially since I seem to recall both Norton and McAfee having issues which remind me of this in past versions...

I guess it just means AVG has joined the Norton and McAfee club...

Re:Not suprising...

That had to have been an attempt at humor...

I think you may have been my roommate in university.

Re:Not suprising...

HAHAH! Nice.

Re:Not suprising...

[saxoholic]

I guess it just means AVG has joined the Norton and McAfee club...

except AVG Free edition still costs more than what the three of them are worth?

Re:Not suprising...

Yeah, Norton wiped out one of my machines once....this is the most bogus of statements duuude....

Fix: use Linux to rename files

I downloaded the rescue cd image. Now where is my source code?

WTF?

[GF678]

Aren't updates tested before being pushed out? Or would useful testing of definitions take too long with modern AV software that they just pass the barest of qualifications before being approved?

Re:WTF?

[olddoc]

Sure they are tested. The problem ONLY occurs on rebooting. Who ever has to reboot a Windows computer?

Re:WTF?

[igreaterthanu]

This wasn't a definition update, it was an update to the client software. They absolutely would have had time to do more testing.

Re:WTF?

TBH I haven't restarted my Win7 machine in about a month.

Re:WTF?

$ uptime
17:10:48 up 393 days, 2:51, 2 users, load average: 0.04, 0.04, 0.00

Got burned with this ...

[gstoddart]

I got burned with this this morning. I had to boot into my Windows install CD and revert to a save point. I'm quite underwhelmed.

Quite frankly, I'm actually getting tired of AVG suddenly deciding that I need to restart my computer so that it can finish an upgrade that I didn't initiate it. It's my computer, and I will decide when to do upgrades and when to f-ing reboot -- that's the one thing about Windows machines that still drives me crazy, every ^$#^#% application deciding that what I really need to do is reboot.

Knowing that it was AVG that cost me an hour this morning.

So, Slashdot, what are my alternatives to move away from AVG?

Re:Got burned with this ...

[jesseck]

Microsoft Security Essentials. It may be from Microsoft, but it's a good piece of software. Licensed for home users and businesses with 10 or less computers- it's what I've been pushing my small business customers to lately. It's lightweight, unobtrusive, and performs checks well.

Re:Got burned with this ...

On my Windows boxes I usually use a VM for surfing and whatnot. If it gets a virus, I just blow the VM and create a new one.

Re:Got burned with this ...

[maxume]

You've probably seen the recommendations by now, but Microsoft Security Essentials is a good one.

(Mostly because it is intended to simply be free, not to harass you; I expect the scan quality is pretty much the same all round. Also, MSE isn't any more resource hungry than the last version of AVG I used, and I didn't have to be careful to avoid installing extra browser crap.)

Re:Got burned with this ...

[metalgamer84]

Avast. Ive been using it for years on my gaming rig, it works great. And yes, they have a free version: http://www.avast.com/free-antivirus-download

Re:Got burned with this ...

[gstoddart]

You've probably seen the recommendations by now, but Microsoft Security Essentials is a good one.

I might try that --- though, admittedly, if Microsoft is so good at detecting the viruses, why don't they just prevent them better?

But, AVG has really become obtrusive and annoying of late. Forcing it to not install toolbars, telling it I don't want to install "PC Analyzer", having it whine that I should upgrade to the paid version, constantly asking to reboot, and now hosing my machine ... well, they're running out of goodwill.

Re:Got burned with this ...

[Blakey+Rat]

I might try that --- though, admittedly, if Microsoft is so good at detecting the viruses, why don't they just prevent them better?

What do you suggest?

Require every .exe to be examined carefully by a Microsoft employee before executing? Sending a task squad to every Windows-using household to give them a 3-hour lecture on phishing and computer security? Fix security holes in other vendors' (Apple and Adobe primarily) products?

Praytell, what should they be doing *specifically*, that they aren't doing now?

Re:Got burned with this ...

Fixing the holes used by the virus to install itself? that should be possible without fixing bugs in Apple and Adobe products. Those fixes would work for all exe's that use that particular hole to install itself.

Re:Got burned with this ...

[coolmadsi]

I use Avast! (switched from AVG recently), although Microsoft Security Essentials has been mentioned a lot so might be worth looking into.

I have run into a few problems trying to uninstall AVG. First not all the versions would uninstall (something was still running and I couldn't stop it). Had to remove something from the Registry to stop whatever that was from starting on Windows start-up. Still wouldn't uninstall so I tried to delete the folders from Program Files, but was stopped because of a similar reason.

I think it may have been because (or partially because) it adds 'Scan with AVG' to the right-click menu for files, which I had to find and remove somewhere from the registry. Will hopefully be able to remove the folders completely now, I don't run as Admin by default and haven't switched users in a while to try.

Re:Got burned with this ...

[CyberSlugGump]

Avira AntiVir is quite good, in my opinion. http://www.free-av.com/

Re:Got burned with this ...

[gstoddart]

Yes, that's what I was referring to.

Re:Got burned with this ...

[Blakey+Rat]

Fixing the holes used by the virus to install itself? that should be possible without fixing bugs in Apple and Adobe products.

The holes used by the virus to install itself are *in* the Apple/Adobe/whoever products, though!

Microsoft already fixes their own problems. That's not the issue. The vast majority of virus infections don't come from Microsoft security holes, they come from Adobe security holes. It's not 2001 anymore.

Unless you honestly believe Microsoft should be fixing problems with other vendors' software, then you're not saying anything new: sure, Microsoft should fix their own holes, *but they already do that*. They can't legally do anything more than they're already doing.

Re:Got burned with this ...

[sqlrob]

Yeah, programs really shouldn't be allowed to execute code or write to file systems.

Nonsarcastically though, that really is the solution. There needs to be an easily manageable MAC

Re:Got burned with this ...

[cbhacking]

"Virus" in the common sense of today's malware is just another term for Trojan. The purpose of anti-virus software is to look at things you download, and say "This is dangerous, I'm going to make it go away!" You can still run it if you really, REALLY want to, but it's a lot more stumbling blocks and you can't pretend you weren't thoroughly warned.

Vanilla installs of Windows make the assumption that the operator is essentially competent and is only executing safe code. Unfortunately, between things like Adobe running automatically when you come across a PDF and the fact that some users would happily execute RootkitYourSystem.exe if somebody told them it contained naked celebrity pictures... well, you get a need for antivirus.

Re:Got burned with this ...

"I might try that --- though, admittedly, if Microsoft is so good at detecting the viruses, why don't they just prevent them better?"

The anti-virus companies, who care oh-so-much about our security and privacy, will enter a rage and get the government involved in the name of "anti-trust" claiming that Microsoft attempted to put them out of business. Or something like that.

Microsoft has no choice; they already got bitched at by major anti-virus companies back around when Vista was released because they tightened the security and stability of the OS by disallowing anyone from tampering with the kernel. And they should: no one has any fucking business tampering with that. Anything that is done for the benefit of additional security for every single fucking user of the OS is bad in these dickheads' eyes---this is why Security Essentials is not a part of recent Windows versions in the first place.

Microsoft fucked themselves over good way back in the mid 90s when they became a monopoly and abused their position, after creating what was probably the most popular yet insecure operating system of all time when it came out... I guess they didn't learn from their mistakes with DOS (and it's arguable they still didn't until Vista, as much of a pile of shit it was). So, as usual--you can just blame Microsoft. It's once again their fault for releasing extremely poorly-developed software that led to the proliferation of viruses in the first place, and downright bad business practices that got them in deep shit with the US government.

Agreed 110%: Great program... apk

"I used to recommend AVG as the free anti-virus solution to people, but Microsoft Security Essentials has a much smaller footprint, it doesn't harass you to upgrade to a paid version, and it has a better detection rate." - by Enderandrew (866215) on Thursday December 02, @04:04PM (#34422856) Homepage

Per my subject-line above - Agreed, 110%... & I used to do the same (recommend AVG Free, for folks that didn't have the "coins/dead-presidents" to afford a paid-for antivirus solution), until I tried MS Security Essentials (good stuff, surprisingly so).

My license for ESET's NOD32 64-bit (a great program in & of itself, but pay for ware) for Windows 7 ran out, & MS had JUST put out Security Essentials (a combined antispyware/antivirus program afaik, no less) & I tried it: Haven't strayed from it since!

APK

P.S.=> They update signatures like crazy too, around 2-4 times a day in fact (I do it manually from here -> http://www.microsoft.com/security/portal/Definitions/ADL.aspx so I get a "pretty good picture" of how often this program can update itself (automatically - which it can do but I choose to do it myself manually is all))... apk

Re:Agreed 110%: Great program... apk

[saxoholic]

Per my subject-line above - Agreed, 110%

This is slashdot and no one has made a comment about his 110% agreement?

Re:AVG? Feh.

[An+ominous+Cow+art]

Same here. It's still annoying at times, but once those are turned off, it's usable.

Alternatives to AVG?

So, Slashdot, what are my alternatives to move away from AVG?

Linux
BSD
Mac
Plan9
BeOS
AmigaOS
Atari
TRS80 ...

Go bareback!

[goodmanj]

I've said it before and I'll say it again: Antivirus causes more problems than it solves. You're far better off using a modern operating system (Mac, Linux, Win7, anything but XP) with no antivirus and religious attention to system updates.

This opinion may be totally uninformed and wrong, but since I never use Windows for anything mission-critical, I don't care if I turn out to be wrong.

Re:Go bareback!

[Junta]

I don't care if I turn out to be wrong

GASP. You do realize you are on the *internet* and therefore you *can't* be wrong?

Re:Go bareback!

[zonky]

That's fine, if you never download and install software. the problem is that the method of acquiring new software in the OSX/Windows space is just totally broken- (download something from anywhere and run it...)

Re:Go bareback!

[wintermute000]

I don't know if doing online banking or even email is considered mission critical, but you do realise that they can nick your passwords.
If your email is compromised then most of your other logins can be finessed.
of course the real killer is paypal or online banking.
I know people who have lost thousands due to keyloggers getting ahold of their online banking passwords.

Re:Go bareback!

[Spad]

religious attention to system updates

It's not the system updates that get you these days, it's the applications; the overwhelming majority of current exploits are targeted at Adobe Reader, Flash & Java and while you can sandbox them to an extent and run NoScript and Flashblock, all it takes is for a "trusted" site to be compromised in some way, delivering an exploit that circumvents the sandboxing and you're infected before you know it (probably for weeks before you know it).

These days, if you're on the internet you should be running some form of realtime AV, however distasteful the idea may be to you.

Re:Go bareback!

[cronius]

You're far better off using a modern operating system (Mac, Linux, Win7, anything but XP) with no antivirus and religious attention to system updates.

The thing is, a lot of people aren't interested in computers. They just want something that just works. Paying religious attention to anything computer related other than their Facebook account is not an option for these people. And I get it, I feel the same about cars. I don't care much about my car, I just want something that works so it can take me safely back and forth to where ever I need to go (work, mostly).

As long as there are careless users there will be viruses and trojans. We can't expect people to change, but we can change the systems they are using (open source systems at least). If the user isn't interested in being careful, then perhaps a program should be made to do it for them. We can call it e.g. "anti-virus", as its job is basically to defend the user against viruses etc.

Re:Go bareback!

As good as Microsoft's latest OS is and despite the fact that they have really locked it down in many ways, Windows 7 won't save your ass either. A while back, I fixed (aka. formatted/reinstalled) someone's Windows 7 machine that was about as fucked with malware as could be. I was actually somewhat surprised in a way, considering the user must've completely bypassed UAC and just hit "Continue". Before that, I redid a Vista machine. No, I don't fuck around any more: no cleaning, I nuke the shit from orbit and then perform a complete reinstall. Hopefully malware doesn't (or hasn't already) find some way of surviving in the recovery partition, since many (most?) computers these days are sold without a fucking recovery disc set (so much for the additional safety of a read-only disc!).

By now, I'm pretty much convinced that *some* UNIX or UNIX-like system is required to achieve any sort of meaningful "security" whatsoever. Even if it's Mac OS X, which is a larger target and is known to contain some, eh, "questionable" design decisions in the name of ease of use--the majority of people are probably still much safer than if they were running Windows. It's tough: I would never *want* to recommend Windows to anyone (especially after finding out that it's possible to have Win7 machines as fucked up as those Win9x and XP installations I've seen years ago), but it comes with the computers 99% of the time so the choice is seemingly a no-brainer to most people, but on the other hand I don't want to be anyone's tech support so I won't go out of my way to install Linux for anyone either. I stopped helping with Windows, for the most part, after Windows XP; I don't use it any more myself, don't care, don't ask.

In my experience, most people either don't know where their OEM OS restore discs are at, or only have a recovery partition which makes installing a Linux distro risky in case they wanted to revert. They usually end up disappointed that they can't play [insert stupid MMORPG like Rappelz, Shaiya or WOW here] and can't seem to grasp the fact that they're not running Windows, and that it is not meant to *be* like Windows. They're a losing battle, and I give up.

Re:Go bareback!

[goodmanj]

But antivirus isn't a solution for those people either. If they don't want to pay religious attention to system updates, they end up paying religious attention to their antivirus software.

To continue your car analogy, it's as if your solution to not wanting to pay attention to your car is to install a monitor that locks the car into 2nd gear every 5000 miles and won't let you out until you get an oil change. Effective? Yes. A good idea? No.

Thought of a title this morning as I wrote...

[gsgriffin]

about this same item first thing this morning. "AVG Update Stops Viruses From Running...And OS"

Yep, got me.

I restored my Windows to a previous point( having done a pretty lame windows update the other day for IE 8 Compatability). I knew the restore would be minimal. I could reboot and redown the update after updating my antivirus ( worked second time) and verify that it wasn't caused from another reason, as no one had yet posted a problem with AVG.

Re:AVG? Feh.

[RightSaidFred99]

Yeah, seems Microsoft Security Essentials should have done them in. Probably a lot of people just use them because they have for a few years out of habit.

Re:AVG? Feh.

[Gonoff]

I do. Am on Win7 64bit. Ran the upgrade last night and it seems fine here.

Re:AVG? Feh.

[b0bby]

Since I first tried out Microsoft Security Essentials that's what I've advised people who ask me what to run on the home machines to use. I use it on my Win7 machine & it's unobtrusive, which I like. For work I like NOD32, which equally just does its job & otherwise is not noticed. I had an issue with AVG on an XP machine years ago and one problem like that is enough for me.

How many times...

How many times must AVG release a version that eats computers before people stop using that shitware?

Microsoft Security Essentials is free. So is Avast! and Clamwin.

Clam AV?

[Ralphus+Maximus]

So I see that Clam AV has a windows version. Is it any good?

Cheers,
RM

Re:Clam AV?

[Spad]

Yes, but it doesn't do realtime scanning.

Doesn't need to be free for me

I can spare a few dozen bucks for a good AV if that's what it takes. But even if we take the "free" requirement away, what AV would be good? I don't really trust Symnatec or F-Secure all that much... I don't know if they're really so far ahead of the free ones or not. It seems that whenever I see AV comparisons, ALL such software are ranked about equal and all suck (all of them seem to miss a large part of the virus/malware/etc. stuff). So, would it be intelligent to pay to have inefficient resource hog on my machine? Meh.

I've ended up just not using AV, using ZoneAlarm for firewall and formatting the computer about twice a year. It seems to be "OK" option.

Not just 64-bit

[tpstigers]

This happened to me about a month ago on a 32-bit Windows 7 box. Woke up to a BSOD caused by a wee hours AVG update. Used system restore to fix the box, got rid of AVG, installed Microsoft Security Essentials and haven't looked back.

Re:AVG? Feh.

[The+MAZZTer]

Uninstalled it when I figured out it was responsible for Team Fortress 2 breakage, even when I disabled the networking components (I found out that doesn't actually disable them, you have to choose not to install them at install time) and was happy when my whole computer sped up as a bonus.

Browsing is it

[SuperKendall]

No. Just no. I'm a Windows hater too, but no. It's simply not THAT bad. It's really easy to catch something, but simply existing on the web isn't enough.

Existing, no, browsing to, yes. What if you simply browsed to a page with a trojan PDF for example...

That would be enough.

Re:Browsing is it

[fotbr]

I'm prompted what I want to do with such a PDF. So no, browsing to a page with an evil PDF isn't enough.

Re:Browsing is it

Acrobat bugs aren't a Windows issue, per se. Acrobat is a liability on any platform.

Recent versions of Windows/IE run in a sandbox, too, so Acrobat could subvert your browser session (which is definitely a bad thing), but can't really infect your computer as a whole.

Re:Browsing is it

[Xest]

Except, having browsed the web for about 16 years now on Windows, and have never ever managed to do that. I guess unless you have some kind of mental condition that forces you to click every link you come across rather than just clicking on what you want and trust it's about as likely as winning the lottery. In fact, despite having worked in IT support in the past for some years and having worked alongside IT as a developer for even more years, I don't think I've ever once encountered a case of someone being infected by a drive-by on Windows (or any OS for that matter).

Besides, it's not like an Acrobat bug is a Windows bug, and it's not like software bugs in plugins and browsers don't exist on other platforms- MacOS X, iOS, and Linux have all had such vulnerabilities too:

http://www.pcadvisor.co.uk/news/index.cfm?newsid=3249447

In fact, other OS' have often been first to fall to such exploits at hacking contests:

http://www.channelregister.co.uk/2008/03/28/mac_hack/

The gap between theoretical attack vectors and actual attack vectors seems pretty large- to date I suspect far far more infections occur as a result of infected e-mail attachments/memory stick transfers, or people downloading and then executing something they think they trust from phishing sites and whatnot despite these problems being as old as the internet themselves.

Microsoft is taking security seriously now

[rsborg]

... is the lesson I take from this.

I also use MSE on all my windows installs, and it's surprisingly low-profile.

I can only imagine that Microsoft finally figured out that this security industry is like a symbiote that will eventually kill the host (Windows). Best is to create your own version and integrate it (though the 2nd part would be regarded suspiciously by anti-trust division).

Re:Microsoft is taking security seriously now

[maxume]

They bought the underlying engine.

I think what they are doing to avoid antitrust is not utilizing Windows to get it on people's computers.

Re:AVG? Feh.

[coolmadsi]

I used to use (and recommend) AVG, but it recently seemed to make my PC whir all the time (I moved house recently so have the base unit on my desk now, instead of previously under the desk when I probably wouldn't hear it overly whirring). Plus it had problems updating so was complaining that it needed to update, but then wouldn't (it may have been because I don't run as an admin, but I really didn't want to switch user every time it wanted to update its virus definitions).

Switched to Avast! and it seems to be working fine (once I turned off the random talking voice). Scans don't take as long (I don't think, they normally run in the background), computer doesn't whir as much. After long periods of time of not having a virus found, I've switched a daily scan to be a quick one, with a more thorough one at the weekend. And it manages to update itself without needing to be logged in as admin! Yarr!

Virus Scanners Are Crap

[TheNinjaroach]

Yet another reason why virus scanners are crap and don't go anywhere near my Windows box.

Re:Virus Scanners Are Crap

[DigiShaman]

Yes, they're crap. But getting a virus is worse. Pick your poison.

Re:Virus Scanners Are Crap

[TheNinjaroach]

I don't run Adobe and generally don't use the internet with Windows, so I'm not too worried.

Even if I did catch a virus, I would never be comfortable with my OS after the fact and would replace it anyways. There are so many advantages to keeping my data separated from my OS by partitioning.

Also, I've seen virus behavior that is much more benign than any anti-virus software. Slow systems, "hey an update ran now my computer won't boot", anti-virus generally causes more trouble than it's worth.

Re:Virus Scanners Are Crap

[DigiShaman]

I agree, but as someone who has to maintain many networks, I can't rely on the judgment of staff. Eventually, the odds catch up and you'll have the network compromised without protection.

I generally keep a network secure by the following.

1. User education: provide to staff a general outline and awareness of social engineering, fraud, and safe computing common sense.

2. Gateway anti-virus filtering at the gateway level such as firewall deep-packet inspection and content filtering.

3. Server anti-virus to protect file shares.

4. Desktop anti-virus to protect access to data and minimize extended downtime and prevent outbreaks.

5. Last but not least, apply OS and App security updates.

Re:Virus Scanners Are Crap

[TheNinjaroach]

I agree, but as someone who has to maintain many networks

Well heck no, you don't let an unprotected Windows box anywhere near a corporate network. That's a completely different world, where anti-virus can be useful simply for the notifications.

Re:Virus Scanners Are Crap

[DigiShaman]

Notifications help, but I'm afraid security may have already been compromised at that point. For example, it drops in a key-logger and captured user credentials get uploaded someplace.

If you want to be really secure about your data, air gap the resources. Only trained staff with certified equipment may touch the standalone network. All data going in and being access must be logged and signed in blood (I suppose ink will suffice) by management.

Not Ironic

[Doc+Ruby]

How is that "ironic"?

Re:Not Ironic

It's like rain on your wedding day.

Don't you think?

Re:Not Ironic

[Doc+Ruby]

No, the word you want is "moronic", because none of that is irony.

Re:Not Ironic

That's the joke.

Re:Not Ironic

[Doc+Ruby]

I know. That's why I linked to that stupid song.

using a boot CD

[commodore64_love]

Here you go: Download in 5 minutes and you'll never have problem with viruses again. Also runs in RAM (i.e. FASTmem now slowmem)

http://puppylinux.org/main/Download%20Latest%20Release.htm
(Puppy Lucid 10.0)
(runs on 1/10 gig)

Re:using a boot CD

[Ihmhi]

Yes, and we'll also never be able to play the majority of PC games ever again.

I really wish people would stop saying "lololol get Linux no more viruses". No shit, I think by now a lot of us know that Linux has far, far less in the way of viruses and malware compared to Windows. The problem is that it also has far less software that some of us want to use.

Re:using a boot CD

What's that you're saying? Oh, I'm sorry. Let me turn down Counterstrike. And minimize Dead Space. And Metro 2033.

In case you don't catch my drift, Wine works pretty damn well for games - and not just old ones.

Re:using a boot CD

Counterstrike came out in 1999, and the last update came out in 2003
Counter strike source came out in 2004
Dead Space, in 2008

Metro2033 is the only game that you could call a "new" game, and out of what you listed, there is certainly no majority.

Re:using a boot CD

[toxickitty]

Three games being the majority of all games.. My wife still has to use a Virtual Machine in Linux to play all the games we want to and when I tried the Linux switch about 60% of my games worked in Wine, there's also countless MMORPGs that just do not work on wine or a VM. Sorry but Linux is no where close for gaming.

Re:using a boot CD

[voodoowizard]

Wine seems to have a problem with punkbuster. Meaning at least for me last year, no CoD MW1 online.

Re:using a boot CD

[thegarbz]

Counterstrike still exists?

Re:using a boot CD

[cronius]

The problem is that it also has far less software that some of us want to use.

This is a classic. I've been doing the usual family-support for many years and got my mom over on Linux a few years ago. A few things tend to break during upgrades (ubuntu), but other than that she is a happy user.

My sister uses stuff like frontpage (of all things) and windows movie maker for making compilations of her kids. I haven't looked into proper Linux replacements for a few years, suggestions are welcome. She has had numerous problems with her Windows over the years though, with reinstall being needed several times (she has family in-law to take care of it). I've considered pushing a Mac in her direction, but since I don't use it myself it's hard to recommend.

Software on Linux is getting better all the time. It might be different than the Windows counterpart, but it does the job, and that's all that matters. Most users defend Windows because they don't know any better. A friend of mine recently bought a Mac because he was tired of all the problems with Windows. It was quite the revelation for him.

(Optimally people would switch to Linux instead of Mac, but at least the average Joe is getting used to the notion that Computer != Windows, and I think that's a benefit for any future Linux acceptance and adaption. Pointing out to people that they're already using Linux [on their Android phone] is also a great acceptance boost.)

Re:using a boot CD

I keep hearing people claim crap like "Linux is unhackable!", do these people ignore news sites? Even Slashdot has had stories on how one of the Ubuntu repositories has been rooted twice now. Happiness in ignorance I suppose, same sort of mindset as Apple users; "Steve Jobs will protect us!".

Re:using a boot CD

[commodore64_love]

>>>we'll also never be able to play the majority of PC games ever again.

Haven't been able to play a PC game since I got rid of my Commodore Amiga. I tried gaming on IBM PCs but making the software & hardware work together never worked, so I quit out of frustration. Maybe it's better now but back in the days of DOS/Windows98 it was hell.

So in other words: Switching to Linux is no loss for me.

Re:using a boot CD

[IWantMoreSpamPlease]

I'm a photographer, I *need* Lightroom and Photoshop (as well as Nikon's nifty RAW image viewer, as well as some specialized software for film scanning for my Mamiya TLR)

Haven't seen anything even remotely close on Linux ever. Care to enlighten me?

Re:using a boot CD

Wine is pretty good, you know.

Re:using a boot CD

[Machtyn]

I decided, after my recent hard drive failure, to fully immerse myself into Linux. My PC, among other things, is a gaming machine. I've built it to be that. Having said that, I am quite pleased with how my games are running under Wine in Ubuntu. I'm also very pleased with how easy Ubuntu 10.10 is to use.

Re:using a boot CD

OK, look, it's not *that* much less. And there would be a lot more if it weren't for the underhanded legalese that often accompanies any good idea.

Re:using a boot CD

[Khyber]

"I'm a photographer, I *need* Lightroom and Photoshop"

If you need a computer, you're not much of a photographer.

I have everything I need built-in to my 35mm Minolta X700. Every picture I take is PERFECT barring film defects.

I even do my own C-41 developing.

Superior hardware (that happens to be older than I am) blows away crappy software any day, every day.

Re:using a boot CD

[Lanteran]

I play plenty of PC games on my linux box- check wine out sometime, it's improved greatly. LOTRO, DDO, Warcraft, Morrowind, Oblivion, Master of Orion, Guild Wars, the list goes on.

Re:using a boot CD

[Kraeloc]

Your information is extremely outdated. Maybe you haven't heard, but there's a huge and thriving PC gaming industry with many millions of players and hundreds or thousands of developers. Getting any random game running on a Windows box is a matter of popping in the disc and clicking next a few times while it installs.

Re:using a boot CD

[Ihmhi]

Could you list some PC games that aren't virtual treadmills (i.e. muhmorpuhgers)? d:

Re:using a boot CD

[Lanteran]

Morrowind, Oblivion, Master of Orion, Fallouts 1-3, unreal torunament, etc.

Re:AVG? Feh.

[swrider]

I still use the paid version. I believe in paying programmers for their work when I am happy with the product. I haven't really noticed a slowdown and I run it with everything turned on. Maybe the free version is different.

Norton, Symantec, whatever name they are hiding under these days is positively the worst when it comes to slowdowns and bloatware.

And, I absolutely wouldn't use MacAfee after their blue screen debacle with Internet Security Suite on Windows 2000. AVG at least admitted an issue and had fixes. After paying for an upgrade to MacAfee's Internet Security Suite and getting it partially installed, it caused the system to blue screen on boot. Since the software hadn't finished installing and wasn't registered, I couldn't get support without putting up cash up front. And then, they denied the problem. They continually took down posts on their forums from myself and others trying to get the problem resolved.

As far as trusting Microsoft to secure anything, give me a break.

AVG should have done more testing, but at least they didn't run from the problem.

No automatic updates

[Todd+Knarr]

This is why the policy on my network is "No automatic updates.". Software can tell me there's an update available, but all downloading and installation of updates is operator-initiated. That way I can control when updates are installed and can delay installation until I've seen whether they cause problems or not. Any software that can't follow my rule gets uninstalled (forcibly if neccesary).

It annoys the IT guys at my workplace because they want my home machines (that I use to VPN in to work) to take updates from them automatically, but they can't argue too loudly because my policy is virtually word-for-word identical to their policy for company machines. And they really don't like me pointing out that when it comes to virus infections, I've got a better track record on my machines than they do on theirs.

What's that smell?

[Fluffeh]

The irony is that you need to find another computer to read up on how to fix the issue.

*sniffs air*

What's that smell?

*sniff sniff*

Yes, I think... Yes, it's certainly the stench of... *sniff* Yes, AVGs share price nose diving...

Not just Windows 7 - My Vista 64 crapped too!

[penguin_dance]

Okay, add your Vista is crap already joke here....

I wondered what the problem was. I hadn't installed any new software. The computer had booted up previously. But I left it on and went to dinner. Came back and the screen wouldn't come up. Started tapping the keyboard (thought it was in sleep mode) but then it rebooted. Tapping the key must have signaled the AVG reboot. Or it tried to reboot but then came up with an error. Ran the auto fix on it which found nothing wrong with the hardware. Finally got it to boot up by rolling back the System Restore to 11/30.

I wondered about AVG because it's the only think I could think of that was active unless a virus had slipped in somehow...

Re:Not just Windows 7 - My Vista 64 crapped too!

[tompaulco]

And not just 64, AVG crashed my 32 bit Windows, too. I know of 3 people at work (small company. About 30 people) who had problems getting their computers to work after it downloaded the latest AVG. My company laptop (Windows 7 64 bit) started doing spontaneous shutdowns which my research indicated were caused by overheating, but somehow after uninstalling AVG 2011, the problem went away. Two other guys at work had their Windows 7 64 Bit machines stop working after AVG updated. My home computer running XP started getting blue screens after AVG asked me to reboot. I uninstalled AVG, and have been fighting for over a week to get the computer back to life. I have been less and less comfortable with AVG over the last several years, but now it is definitely out the door.

No more AVG fro me!

[flatcat]

An early November update hosed my 2 XP SP3 computers causing memory leaks. Any computer running continuously for 12 or so hrs crashed. Now this update takes out a Win 7 64 bit computer. 2 major problems is a one month period. I put the XP's on Panda cloud. Probably do the same for the Win 7 as well.

Re:No more AVG fro me!

[billybob_jcv]

Same here. I have used AVG for several years. My son's XP box got hosed a few weeks ago when he upgraded to 2011 and we discovered AVG no longer plays well with Malwarebytes (or many others), and now my Win7/64 box gets hit with this crap. I'm done with AVG - bye-bye.

KNOPPIX

[turgid]

Everyone should have a KNOPPIX CD/DVD to hand. It's very useful for when someone messes up the Windows PC. I've used it several times for cleaning malware off of Mrs. Turgid's laptops after the monkeys have been on the intarwebs.

Oh really?

[SuperKendall]

See if you are prompted for this.

Not a virus, just a PDF displayed using the HTML Embed tag. But it shows you just need to visit a page. As I said.

Re:Oh really?

[fotbr]

Not a prompt per se, but I don't see the PDFs.

No file association or handler for PDFs on this machine. Windows and browser both don't know what to do with them, since acrobat reader isn't installed.

I do have the ability to view them, but it's with a portable app that does not have any associations.

Re:Oh really?

[Gadget_Guy]

See if you are prompted for this.

I just got a box with a small icon in the top corner. No PDF there. This is with IE8 on XP (without antivirus).

Hang on, I will try it in my trusted sites zone. Again, no. Different icon this time - was the red X one. Wait, I will have a look at Tools->Manage Addons. Ah yes, some clever bunny has disabled anything from Adobe. It is amazing how much more secure ANY operating system is once you get rid of software from that company.

Obviously I have fiddled with my system. An easier way to do it would be to use an alternative PDF viewer that doesn't want to be one with the web browser. It is a multitasking, windowing environment - I can handle a PDF popping up in another window rather than overwriting my current web page.

Still, if you are not comfortable changing the browser settings, then AV software is the way to go.

Re:Oh really?

[assassinator42]

Nope. "Additional plugins are required to display all the media on this page".
I've only run into one site that REQUIRED Adobe Reader to do anything rather than letting me open it outside the browser in Foxit.

Re:AVG? Feh.

[SheeEttin]

They also make it nigh on impossible to find the free version on their site (or it was hard last time I looked, which has been a while).

free.avg.com. You just have to watch for the free links, because they put the paid ones next to it and they're a whole lot flashier

Well shit

I wish I had seen this before I formatted my Windows partition. I guess I won't be using AVG anymore.

Re:AVG? Feh.

[StikyPad]

Agreed, I've had excellent results for Avast. I only wish they'd update their managed client and ADNM (which was rather crap to begin with) to version 5.

Disaster Averted

Glad I read this. Have AVG on my work computer (PhD student). Have the update downloaded but haven't had a chance to install it yet as my computer has been working 24/7 for months. I'll be uninstalling it as soon as I get a chance. I'll give Microsoft Security Essentials a go

Re:AVG? Feh.

[ArundelCastle]

Since Norton, modern AV software in general seems to be a case of the cure being worse than the disease. Why do I need ad supported toolbars and mandatory scan slowdowns in place of Poker popups and replicating trojans? Both bog my machine down, just one is less likely to destroy files (failed bootups notwithstanding). My University uses Sophos. When I must set up a Windows machine, I set up an F-Prot license. I've trusted Frisk since forever, but the application has its glitches certainly.

So much cruft and garish UI is for the fearful neophytes. Not to mention the raft of organized crime promoting anti-spyware spyware with website banners.

I miss Thunderbyte. That was damn good DOS software. TBAV and Shez, a copy of DD.COM from PCMag to manage my files, and Norton Utilities to keep my drives defragmented. Shit, I used to love computers. Now I use a Mac, my typing has gone to hell, and I only love what I can *do* with computers. Totally different thing. :)

Re:AVG? Feh.

[homes32]

our you could just skip the hassle and go straight to CNET www.download.com where AVG eventually sends you for the download and not have to click 30 times to actually download the free version. its even right on the front page under most popular downloads.

We're done selling AVG

[gravyface]

It's a decent product, takes some mucking about in the station settings to get it just right, but man, bloat-city. I can't believe how much crap they keep piling on: there's now an AVG "gadget" that floats on the desktop with amazingly intuitive features like a big "Fix" button. Umm, really? A gadget for anti-virus?

Also, this isn't the first issue: we had dozens of SBS 2003 servers run out of non-paged pool memory and crash. Guess what the culprit was? AVG's network IDS driver from AVG 8 that didn't properly uninstall after an upgrade and had to be manually removed. That was alot of fun troubleshooting. So we've decided not to renew any clients with it. It's a shame: it was so promising prior to version 8: it was lightweight, inexpensive, centrally-managed (essential for businesses), etc.

First Avast, now AVG!

[hipifreq]

I still use AVG, but thankfully not on my Win7 machine.

I had to switch an XP machine from Avast when a mandatory update from Avast caused problems on loading Windows a few months ago. Could only boot to safe mode, and uninstalling Avast cured it. Reinstalling did exactly the same thing so I dumped it for AVG

Work machines are all on Norton, which I must say has gotten better in versions 2010 and 2011. /me *DUCKS*

Re:AVG? Feh.

Exactly.
It was the perfect antivirus that i needed at a certain time
Then it went full-scale-bloatware and i had to drop it.

I now use ClamWin.

Who cares?

[macraig]

AVG has had major show-stopping problems since at least version "2009", which would stubbornly hold files open on local partitions and completely prevent them from being formatted in Windows unless AVG was uninstalled. That's the point that I stopped using it, when it denied me the ability to use a fundamental utility in Windows.

So not at all representative

[SuperKendall]

No file association or handler for PDFs on this machine.

Which is unlike 90%+ of the Windows systems in existence, so it doesn't say much.

Re:So not at all representative

[fotbr]

It does provide evidence that not all windows machines are vulnerable just by browsing. Basic logic says it only takes one example to break premises based on absolutes such as "all" or "none".

For whatever it's worth, the machine is a default XP SP3 install with just the "critical" updates applied, and with only a few portable apps (FF, Foxit, Filezilla, Putty). The only thing "protecting" it is a cheap NAT router, and the user not being a clueless "click yes on everything" idiot, though an admitted idiot when it comes to many other things.

Re:So not at all representative

[EXrider]

You guys do realize that Windows (and other OSs) have had serious vulnerabilities in shared libraries that are used in pretty much every application (including Firefox or Chrome) that parses image data or audio. With the GDI+ vulnerability, all the page had to do was load one malicious JPEG advert and you were pwnt. There are many other examples with audio libraries and such, go ahead and Google it.

What a surprise

Anyone remember when AVG once had an update that flagged User32.dll as a virus, deleting it and making you reinstall Windows?

I've never trusted AVG ever since.

AVG

[keith_nt4]

I only use AVG one place: on my WHS box. I found this site that shows you how to hex edit the installer so you can run AVG on the "server" version of Windows even if that version is actually intended for home/non-for-profit use. MSE so far as I know still doesn't work on WHS either. It's the 32-bit WHS so I'm pretty sure I'm safe from this update. Probably.

AVG2011 Also Crashes Against Malwarebytes Pro

If you have Malwarebytes Professional and decide to upgrade your AVG 8.5 or 9.0 to AVG 2011 your PC will likely freeze. You have to boot to Safe Mode, turn off Malwarebytes using MSCONFIG, reboot, uninstall AVG 2011, reboot, re-enable Malwarebytes and then install something like Avast Free. Ugh.

what the hell?

[ILuvRamen]

Are you people serious? The only times I've ever seen microsoft security essentials is when it's caught in an infinite loop and taking up 99% of the CPU cycles and over 150 MB of ram. Google about it, you'll find hundreds of references to that problem. That program is a joke. It's like Live One Care reincarnated and it's bound to die just as quickly.
I use Avast on every computer I have and have put it on over 200 customer computers and it's the most efficient and best at catching and removing the widest array of viruses. Sure Kaserpersky is more thorough and others may use a tiny bit less resources but Avast is the perfect balance. What other program can shut windows down and remove a virus with a pre-boot scan? Not many! So they went a little nuts with the marketing? They want to stay in business, don't they? It hasn't turned downright deceptive like AVG and McAfee.

I'll second those two

[Sycraft-fu]

ESET's products are by far my top recommendation. Very fast, except for scanning downloaded files (you want the most through scan on those), stable, good catch rate and nice interface. The regular NOD32 is good, their Smart Security product is also good (I like it's bidirectional firewall interface).

However if zero dollars is the required price then MSE is the thing for you. It isn't quite as good as ESET's stuff, but it is still plenty good and low impact. Supposedly version 2 is even faster/lighter according to the beta testers. Not sure when they are looking to release it.

"...I've never had a virus."

[repetty]

I haven't run antivirus software in years and I've never had a virus.

I've heard that one from Windows users before. You know what happens when I look into that claim? I find viruses every fucking time.

Re:"...I've never had a virus."

[Craig+Ringer]

Out of interest: how do you find them? Scanning tools? manual inspection?

I don't run AV here, but I have AV software installed so I can use it for the odd system scan. I never turn anything up. I never see any evidence of virus activity, either, and I'm pretty used to spotting the signs thanks to experience fixing the home computers of users at work.

OTOH, it probably helps that my Windows installs have tended to last a year at the most before I reimage them for some reason or another (HDD failure/upgrade; OS upgrade; boredom; etc) so I'm rarely running a crufty old install.

Re:"...I've never had a virus."

You know what happened when I just run a virus scan today after years of not having antivirus software? No fucking virus. None. Zip.

Of course since I use Firefox and Adblock instead of IE and Doubleclick, I'm not going to get any.

Re:"...I've never had a virus."

As much as you might call bullshit on the GP, his story is plausible and quite possible with a geek using the system. I haven't run antivirus in the background on any Windows system I've used for the past 10 years, and I've not once had a virus on any system I was using. I always have my Windows machines sitting behind a homebuilt linux firewall, with no particularly fancy configuration done. Just block all unneeded inbound ports. I don't use IE. I don't use Outlook. I use JavaScript and Flash blocking. I accept nothing from unknown sources, and treat files sent unexpectedly from known sources as suspicious. I do occasional virus checks when I'm not using Windows by rebooting in safe mode and scanning the disk for suspect files with ClamAV. Never find a thing. Never see virus-like behavior.

I also, for the record, have both an OS X and Ubuntu Linux laptops that I use regularly. I'm a little less cautious with those, but generally obey the exact same set of rules on each of them as well. The only systems I sweat viruses or intrusions on are the one Win2k3 IIS6 server and two Ubuntu servers I have facing the internet. I keep them up to date and do not give them extensive access to the back end network. My mail server runs everything through ClamAV before I retrieve it as well. Even with all that to deal with, I've had no problems yet.

The best antivirus system out there is simply an informed, knowledgeable user. I realize that it might bake your noodle to hear that, but it's true.

Re:"...I've never had a virus."

[vistapwns]

I run no AV, I see no reason. I run Windows 7 x64, enable DEP and SEHOP for all processes, and max out UAC. With DEP, ASLR, stack/heap smashing protection, SEHOP, UAC, and sandboxing (Windows Mandatory Access Controls) the system is about as secure as it gets. I also enable per-site activex, so only sites I approve can run active-x controls, and don't run binaries unless it's from well known companies (nvidia, intel, microsoft, apple, valve, etc.) I've been programming assembly language since the early '90s, and worked at an AV company back in 96 or so (Norman Data Defense, dunno if they are still around or what happened to them) and I KNOW what to look for, and there has never been anything on my Vista or Windows 7 boxes. I also run occasional scans with MSE and Malware Bytes, but don't use the active protection (and uninstall MSE when I'm done.) Never anything. Running Malware free in modern Windows (I.E. not XP) can be done, it just takes a little common sense. Modern Windows basically have all the same protection measures that Linux and Mac OS X have, it is the users and the amount of targets that is different. Most Windows users are not hacker types unlike Linux guys, and are targeted so heavily that a lot more infections are inevitable. In fact, Charlie Miller, probably the world's most famous hacker, winner of pwn2own 3 times, *and* a Mac OS X user, has said that 3 year old Vista is more secure than brand new Snow Leopard (less attack surface and better ASLR were the reasons I saw given.) I'd be modded a troll if I said the same thing, here, without attributing the original source. So it makes no sense to say Windows is insecure, you might as well say all general purpose OSes are insecure, since they all use the same protection techniques.

I Had AVG Free

[AK+Marc]

I used to have it on all my machines. It was good back when it was less popular. Now it's a crappy advertisement for their pay products. When that happened, they worked on crippling the features people like to use. I happen to be between scanners because I uninstalled AVG last month because it wouldn't let me configure exceptions the way I wanted. I can't say I'm sad to see it go, and glad I did it when I did. I just haven't settled on a replacement yet. Though I've managed to never get a virus that didn't get on my computer via sneakernet.

Can I play the snotty Linux user?

[purplemecha]

Windows users, what losers. I use Linux and my penguin protects me with secure defaults (Ubuntu of course). He sits on my egg shell to keep me safe and warm from the nasty Internet.

Me Ubuntu Fan.
Hey look, a cool download.

Downloads.

Clicks on it.

Dialog box says, do you want to run it in a terminal or view contents.

Selects run in terminal.

It ask for password, well of course it ask for password. It needs to be protected from modification from the Internet.

Installs to /usr/local/

Sweet, cool naked ladies screensaver. Ubuntu is so awesome! Real easy just like Windows but secure!

Sir, this is Comcast and we have noticed that your computer appears suspicious. Stupid rep, what do they know, I have a penguin.

simple to say...

[BlackBloq]

suck it windows monkeys!

No excuse!

[Bryan+Bytehead]

Sorry, when I hear about an AV product totally blowing away a working system due to an update because they didn't test enough, they don't get a second chance. Do they need a computer loaded with every different operating system? No, there's this thing called virtualization that should be able to get at least four if not more versions running on a PC. Yes, it can be a pain to set up. But then you do that sort of thing instead of risking your customers computers to not even being able to boot.

AVG you just shot yourself in the foot. Hopefully fatally.

Re:AVG? Feh.

Thanks for the helpful info, I really was wondering what your initials were. Everyone should post their initials like you do. Very useful.

Re:AVG? Feh.

[SilentChasm]

Yes people use AVG still. At least one classroom of my school's computer building has it installed on all the laptops. The only thing probably saving them is that it's 32-bit windows.

just missed it

[elh_inny]

Funny how narrowly I avoided that - I had AVG installed as an inheritance.
Itkept bugging me to update, so I uninstalled it yesterday, just in time to avoid the disaster :)

That is because you don't know the correct users

[aepervius]

I haven't had one virus in years. There is no infection vector you can attack me on either. I used to build some for fun in my pre-teen idiotic years (from my own version of pong using the 21hz INT, to some which self replicated on COM, and later EXE). Today, from time to time I download one of the anti virus & anti spyware and test my machine. In the last 10 years the results has always been the same : Zero Trojan, zero Virus, zero everything. it takes discipline and knowledge but you CAN be without any virus whatsoever.

AVG = free command-line scanner for Linux

They offer one of the few virus scanners for Linux that actually do what you would expect it to do:

* command-line
* scan any directory (read: mounted Windows partition)
* comes in .deb/.rpm/.tar.gz
* reasonably fast
* free for private/non-commercial use

I had to guide somebody on the phone through scanning their Windows partition using the Ubuntu-Live-CD. The only problem I had with AVG was that the installed daemon needed to be started by hand, since a reboot was not an option. Of course, clamav does the same, but a presumably quicker scan with AVG first was handy, so clamav had to wait.

Regards, AC

MSE means "no torrents" so far

[Dr.Syshalt]

The problem with MSE is that it causes latency/sound problems after working for long on systems with high network activity. This problem will definitely affect anyone running uTorrent, for example. Check Google for "MSE DPC latency". This problem exists from the very beginning, MS acknowledged it several months ago, but still there is no fix.

I am using AVG 2011 with no problems.

[master_p]

Just for the record (since so many slashdotters have said they have problems), I am reporting that I have happily updated all my machines (one Win7, two XPs, one Win2K) to AVG 2011 and I don't have any problems so far.

Locked an XP machine up totally

Locked up an XP machine I was using completely and I had to hard boot it. NOT a good thing at all, more like a virus in itself.

Yep, got boned by this one yesterday....

[a61sun]

Ran an HP update and windows wouldn't load, the auto-repair set me back to a save point and then the update automatically ran again. :( I changed the update settings and stopped them temporarily, then I see this morning that its AVG. One uninstall later and a quick install of MicroSloth's Security Essentials and we'll see how it goes. Been using AVG for couple years now but this simply will not do. Bye AVG, hello MSE. (Hope you guys know what you're talking about) :D @rt

AV software in general

[jefelex]

I don't use it at all - Windows is such bloat code and so slow that I use Linux and don't bother with paid antivirus software. I do however occasionally search my download folder with Clamav - never had a virus for over 10 years so I'm pretty satified that this virus shit is just that: shit

Rescue CD

[jefelex]

I wasnt aware that Windo$e had a rescue cd - so I can't understand about the booting from CD option is available - I'll have to read up and see what they are talking about - I guess you have to use a different none W64 computer to get to the AVG website!

Re:AVG? Feh.

They also make it nigh on impossible to find the free version on their site (or it was hard last time I looked, which has been a while).

It's not like they have an A/CNAME record just for that or anything... free.avg.com

Score another for MenuetOS

[Khyber]

Can't infect my OS. 1.4MB, boots from a flash drive in just a second, and with the whole thing physically write-protected, I'm solid.

Re:AVG? Feh.

[JeffSpudrinski]

True...it is still there, but they still try to make it hard to spot the free link.

They prey on folks that they are hoping either 1) aren't very tech savvy, or 2) are in "panic" mode to install something and will click on the first thing they find.

Back when I stopped recommending AVG was when I had several folks I had sent there and they all got the "trial" version by mistake and not the free version.

You've got to remember, Slashdot folks, not everyone using computers is as savvy as most folks here are. AVG started preying on that by moving the "free dowload" link to the bottom of the page where it was a very nondescript link.

That's also why I'm careful about directing folks to CNET since CNET allows ads on their site that have huge green "click here to dowload now" as part of the ad...and the ad will be something similar (but not free) to the software folks might be looking for.

It's the same trick AVG started using...still offering the free stuff, but making it hard to find how to actually download it without knowing the tricks to watch out for.

-JJS